Nrl
Publications at NRL

Search by Title

Search:

Search by Author

Search:


Technical Report

Title

Multi-Factor Authentication and Authorization using Attribute Based Identification

Abstract

Access control (authentication, authorization, and verification) is the most frequently occurring security action in the electric sector, and a multi-factor technique is recommended as one of the most promising solutions. However, the technique, despite its huge potential, has been underutilized with limitations, e.g., applied only to authentication and requiring human presence for fingerprinting. This paper proposes Multi-Factor Authentica- tion and Authorization that employs the multi-factor technique for enhanced access control using attribute-based encryption. A subject (user) is granted more than two factors consisting of attributes from independent authorities, and an object develops its own access control rule that involves multiple factors. When accessing the object (to read data or to control the object), the user presents multiple attributes and factor keys, each of which is issued by different authorities. This decreases the probability that she presents false evidence of privilege, and thus increases security assurance. To demonstrate the feasibility of the proposed scheme, we implement a library and apply it to our smart building testbed. Through conducting several experiments and analyzing their results, we evaluate the performance of computation cost and illustrate an automated smart building control

Download
Paper: PDF file of paper

Information & Date

, , May. 2014

Authors

Eun-Kyu Lee
Jae-Han Lim
Josh Joy
Mario Gerla
Rajit Gadh