在物聯網環境中實現匿名性及基於能力的授權

Abstract

在物聯網環境中，用戶必須請求權限以在設備上執行預期的操作，例如對於智能鎖的控制權。然而在目前物聯網環境下，因為現行較為粗糙的授權模型，使用者將在授權後獲得設備的所有功能的權限，而非僅是他需要的特定功能，而這將導致溢權問題。而另一個問題則在使用者對設備執行操作時產生，在當前的授權機制下，每當用戶想要控制設備時，設備都會將用戶的身份資料和要執行的操作發送到遠端的設備伺服器以進行認證和授權。因此，設備的伺服器將會知道執行操作的人和時間因而造成用戶隱私的洩漏。 在本文中，我們提出了一種新的在物聯網環境中設備的認證和授權機制，不僅能夠提供精細的能力授權並同時保護用戶的隱私。在我們的設計中，我們將開放授權和直接匿名認證的特性應用到當前的授權模型。此外，我們實作了我們的設計，來檢查是否能達成預期的安全性質，並和正常授權流程進行效能比較。我們也將我們的設計以實際的背景設定來做評估，最後我們對無線網路的實際案例做分析討論。透過分析和實驗結果可以得知，我們提出的解決方案可以同時克服溢權和隱私問題。

In an Internet of Things (IoT) environment, users have to request access to execute desired actions on a device, such as the control of a smart lock. However, due to the coarse-grained authorization model commonly used in current IoT environments, a user would be granted all the capabilities of a device after the authorization rather than specific capabilities he needs, which is known as the overprivilege problem. Another problem occurs when the user tries to access the device. Under the current authorization mechanism, whenever the user wants to control the device, the device would send user's credentials and the action to its remote server for authentication. Therefore, the device server would know exactly who and when the action is executed and the privacy of the user is leaked. In this paper, we propose a new authorization mechanism for devices in the Internet of Things environment which supports fine-grained permission authorization and protect the privacy of the user simultaneously. In our design, we leverage the properties of OAuth and Direct Anonymous Attestation (DAA) to improve current authorization models. We also build a prototype of our design to evaluate the security properties and compare the performance with the normal authorization scenario. We evaluate our scheme in a realistic scenario and conduct a case study of the Wi-Fi access authorization mechanism. Through the analysis and the experiment result, we show that our proposed solution can overcome both the overprivilege and privacy problem simultaneously with reasonable performance overhead.