Proposed Identity and Access Management in Future Internet (IAMFI): A Behavioral Modeling Approach

Abstract

The Future Internet (FI) sees the world of objects completely connected over the Internet all the time. It is like opening one’s network doors of say home, companies and organizations to the world where it increases efficiency but at any case should not compromise security by exposing sensitive information, presenting tremendous challenge towards access control and identity management in FI. A well-managed identity management system should provide necessary tools for controlling user access and access to critical information. A fitting example will be the IoT (Internet of Things) where every object will be smart and will take advantage of cloud for storage and processing power. In this paper we provide an introduction to Identity and access management in FI followed by a simplified architecture of the FI and its components. We then proceed by providing a short description about the frequent threats to data stored on cloud along with possible mitigation techniques to the threats.We also provide a comparative study of existing work on access control and propose a method to overcome the limitation of the existing techniques where sensitive organizational information (access policy) is exposed to the cloud. We address this issue in IAMFI by extending the Attribute based encryption technique and allowing users to have control over their attribute exposure at the time of requesting access. We also provide a mechanism in IAMFI for distributed attribute and key management for various users thereby reducing the overhead at a single site.