Vorträge und Posterpräsentationen (mit Tagungsband-Eintrag):
M. Jung, G. Kienesberger, W. Granzer, M. Unger, W. Kastner:
"Privacy enabled Web service access control using SAML and XACML for home automation gateways";
Vortrag: 6th International Conference for Internet Technology and Secured Transactions,
Abu Dhabi;
11.12.2011
- 14.12.2011; in: "Proceedings of the 6th International Conference for Internet Technology and Secured Transactions",
IEEE,
(2011),
S. 584
- 591.
Kurzfassung deutsch:
A recent trend in home automation are gateways that offer a Web service based Application Programming Interface (API) to access an underlying home automation system. Due to the ease of use and the interoperability of Web services numerous use cases can be found for third party applications using such APIs. Smart homes allow to control nearly every aspect of living within a building, which also imposes great security and privacy concerns. Therefore this paper contributes a generic access control concept for Web service based APIs using
the Security Assertion Markup Language and the Extensible Access Control Markup Language. This concept allows a user to securely authorize the access of third party applications to the home automation system in order to protect privacy and to ensure security. The access control concept is generic since no API change is required leaving the service provider and service consumer untouched.
Kurzfassung englisch:
A recent trend in home automation are gateways that offer a Web service based Application Programming Interface (API) to access an underlying home automation system. Due to the ease of use and the interoperability of Web services numerous use cases can be found for third party applications using such APIs. Smart homes allow to control nearly every aspect of living within a building, which also imposes great security and privacy concerns. Therefore this paper contributes a generic access control concept for Web service based APIs using
the Security Assertion Markup Language and the Extensible Access Control Markup Language. This concept allows a user to securely authorize the access of third party applications to the home automation system in order to protect privacy and to ensure security. The access control concept is generic since no API change is required leaving the service provider and service consumer untouched.
Schlagworte:
Home automation, Web services, access control
Elektronische Version der Publikation:
http://publik.tuwien.ac.at/files/PubDat_203816.pdf
Zugeordnete Projekte:
Projektleitung Wolfgang Kastner:
Smart Grid Modellregion Salzburg - Konzeption eines Informationsmodells für webbasierten Zugriff auf Smart Grid Daten
Erstellt aus der Publikationsdatenbank der Technischen Universität Wien.