The HABAC Model for Smart Home IoT and Comparison to EGRBAC

In the near future IoT will be part of every home turning our houses into smart houses, in which we have multiple users with complex social relationships between them using the same smart devices. This requires sophisticated access control specification and enforcement models. Recently, several access control models have been developed or adapted for IoT in general, with a few specifically designed for the smart home IoT domain. The majority of these models are built on role-based access control (RBAC) or attribute-based access control (ABAC) models which have had considerable traction in traditional non-IoT domains. In this paper, we introduce the smart home IoT attribute-based access control model (HABAC). HABAC is a dynamic and fine-grained model that is developed specifically to meet smart home IoT challenges. Currently it is not precisely clear what are the pros and cons of ABAC over RBAC in general, and in smart home IoT in particular. To this end we provide an analysis of HABAC relative to the previously published EGRBAC (extended generalized role based access control) model for smart home IoT. We compare the theoretical expressive power of these models by providing algorithms for converting an HABAC specification to EGRBAC and vice versa, and discuss the insights for practical deployment of these models resulting from these constructions. We conclude that a hybrid model combining ABAC and RBAC features may be the most suitable for smart home IoT, and likely more generally.