SAAC: Secure Access Control Management Framework for Multi-User Smart Home Systems

In a smart home environment, multiple users can access a single smart device simultaneously. Moreover, these multiple users may have conflicting demands at a time; that is, one user's demands differ from another for the same device based on the role of users and environmental factors. Therefore, existing single-user access control systems cannot handle such conflicting and dynamically changing demands, considering both roles and environmental factors in the multi-user smart home environment. Considering this issue, we proposed a Smart Access Control and Authorization framework (SAAC). It is a multi-user access control solution that has four modules, namely, a user interaction module, a backend server module, a policy manager module, and a policy execution module. The user interaction module collects user data and resource policies, which are processed by the backend server and forwarded to the policy manager. The policy manager resolves conflicts and generates final policies, which are stored in the backend server for enforcement by the policy execution module. The finalized policies are shared with the backend server module and saved there till needed for execution by the policy execution module to enforce the access control decision. We have implemented a proof of concept of the proposed framework on VS Code using the Casbin library. The performance evaluation results show our framework's effectiveness and efficiency with lower computational complexity requirements than existing methods. Finally, we performed a security analysis of the proposed model based on the STRIDE model that confirms its robustness against access control attacks.