Capability-Based Access Control with ECC Key Management for the M2M Local Cloud Platform

One of the critical requirement in managing security of any computing system is access control, which includes protection and access management to the available resources. This requirement becomes more strict especially in a distributed computing environment that consists of constrained devices such as Machine-to-Machine (M2M). New challenges in access control are identified in a system comprises a group of distributed multiple M2M gateways forming a so called M2M local cloud platform (Vallati et al. in Wirel Trans Commun 87(3):1071–1091, 2016). Scalability is obviously a necessity which is lacking in some existing access control system. In addition, flexibility in managing access from users or entity belonging to other authorization domains as well as delegating access right are not provided as an integrated features. Lately, the capability-based access control has been suggested as method to manage access for M2M as the key enabler of Internet of Things. In this paper, a capability based access control equipped with Elliptic Curve Cryptography based key management is proposed for the M2M local cloud platform. The feasibility of the proposed capability based access control and key management are tested by implementing them within the security manager that is part of the overall component of the platform architecture, and evaluating their performances by a series of experimentations.