{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,6]],"date-time":"2026-03-06T15:10:14Z","timestamp":1772809814365,"version":"3.50.1"},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783031106835","type":"print"},{"value":"9783031106842","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-10684-2_14","type":"book-chapter","created":{"date-parts":[[2022,7,12]],"date-time":"2022-07-12T07:05:06Z","timestamp":1657609506000},"page":"236-255","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["End-to-End Protection of\u00a0IoT Communications Through Cryptographic Enforcement of\u00a0Access Control Policies"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1700-672X","authenticated-orcid":false,"given":"Stefano","family":"Berlato","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2899-2227","authenticated-orcid":false,"given":"Umberto","family":"Morelli","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2853-4269","authenticated-orcid":false,"given":"Roberto","family":"Carbone","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7269-9285","authenticated-orcid":false,"given":"Silvio","family":"Ranise","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,7,13]]},"reference":[{"key":"14_CR1","doi-asserted-by":"crossref","unstructured":"Ahmad, T., Morelli, U., Ranise, S.: Deploying access control enforcement for IoT in the cloud-edge continuum with the help of the CAP theorem. In: Proceedings of the 25th ACM Symposium on Access Control Models and Technologies, pp. 213\u2013220. ACM (2020)","DOI":"10.1145\/3381991.3395617"},{"key":"14_CR2","doi-asserted-by":"crossref","unstructured":"Ahmad, T., Morelli, U., Ranise, S., Zannone, N.: A lazy approach to access control as a service (ACaaS) for IoT: an AWS case study. In: Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies, SACMAT 2018, pp. 235\u2013246. Association for Computing Machinery, New York (2018)","DOI":"10.1145\/3205977.3205989"},{"issue":"2","key":"14_CR3","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1007\/s10207-021-00558-3","volume":"21","author":"T Ahmad","year":"2021","unstructured":"Ahmad, T., Morelli, U., Ranise, S., Zannone, N.: Extending access control in AWS IoT through event-driven functions: an experimental evaluation using a smart lock system. Int. J. Inf. Secur. 21(2), 379\u2013408 (2021)","journal-title":"Int. J. Inf. Secur."},{"key":"14_CR4","doi-asserted-by":"crossref","unstructured":"Armando, A., Grasso, M., Oudkerk, S., Ranise, S., Wrona, K.: Content-based information protection and release in NATO operations. In: Proceedings of the 18th ACM Symposium on Access Control Models and Technologies - SACMAT 2013, p. 261. ACM Press (2013)","DOI":"10.1145\/2462410.2462427"},{"key":"14_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/978-3-319-05302-8_14","volume-title":"Foundations and Practice of Security","author":"A Armando","year":"2014","unstructured":"Armando, A., Oudkerk, S., Ranise, S., Wrona, K.: Formal modelling of content-based protection and release for access control in NATO operations. In: Danger, J.-L., Debbabi, M., Marion, J.-Y., Garcia-Alfaro, J., Zincir Heywood, N. (eds.) FPS-2013. LNCS, vol. 8352, pp. 227\u2013244. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-05302-8_14"},{"issue":"4","key":"14_CR6","doi-asserted-by":"publisher","first-page":"469","DOI":"10.1007\/s00145-008-9026-x","volume":"21","author":"M Bellare","year":"2008","unstructured":"Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. J. Cryptol. 21(4), 469\u2013491 (2008)","journal-title":"J. Cryptol."},{"issue":"1","key":"14_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3474056","volume":"25","author":"S Berlato","year":"2021","unstructured":"Berlato, S., Carbone, R., Lee, A.J., Ranise, S.: Formal modelling and automated trade-off analysis of enforcement architectures for cryptographic access control in the cloud. ACM Trans. Priv. Secur. 25(1), 1\u201337 (2021)","journal-title":"ACM Trans. Priv. Secur."},{"key":"14_CR8","doi-asserted-by":"crossref","unstructured":"Calabretta, M., Pecori, R., Veltri, L.: A token-based protocol for securing MQTT communications. In: 2018 26th International Conference on Software, Telecommunications and Computer Networks (SoftCOM), pp. 1\u20136. IEEE (2018)","DOI":"10.23919\/SOFTCOM.2018.8555834"},{"key":"14_CR9","doi-asserted-by":"crossref","unstructured":"Colombo, P., Ferrari, E.: Access control enforcement within MQTT-based internet of things ecosystems. In: Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies, pp. 223\u2013234. ACM (2018)","DOI":"10.1145\/3205977.3205986"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Djoko, J.B., Lange, J., Lee, A.J.: NeXUS: practical and secure access control on untrusted storage platforms using client-side SGX. In: 2019 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 401\u2013413. IEEE (2019)","DOI":"10.1109\/DSN.2019.00049"},{"key":"14_CR11","doi-asserted-by":"crossref","unstructured":"Elemam, E., Bahaa-Eldin, A.M., Shaker, N.H., Sobh, M.A.: A secure MQTT protocol, telemedicine IoT case study. In: 2019 14th International Conference on Computer Engineering and Systems (ICCES), pp. 99\u2013105. IEEE (2019)","DOI":"10.1109\/ICCES48960.2019.9068129"},{"key":"14_CR12","doi-asserted-by":"crossref","unstructured":"Garrison, W.C., Shull, A., Myers, S., Lee, A.J.: On the practicality of cryptographically enforcing dynamic access control policies in the cloud. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 819\u2013838 (2016)","DOI":"10.1109\/SP.2016.54"},{"issue":"3","key":"14_CR13","doi-asserted-by":"publisher","first-page":"527","DOI":"10.1007\/s11277-011-0385-5","volume":"61","author":"T Heer","year":"2011","unstructured":"Heer, T., Garcia-Morchon, O., Hummen, R., Keoh, S.L., Kumar, S.S., Wehrle, K.: Security challenges in the IP-based internet of things. Wirel. Pers. Commun. 61(3), 527\u2013542 (2011)","journal-title":"Wirel. Pers. Commun."},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"Kurnikov, A., Paverd, A., Mannan, M., Asokan, N.: Keys in the clouds: auditable multi-device access to cryptographic credentials. In: Proceedings of the 13th International Conference on Availability, Reliability and Security, pp. 1\u201310. ACM (2018)","DOI":"10.1145\/3230833.3234518"},{"key":"14_CR15","doi-asserted-by":"crossref","unstructured":"Malina, L., Srivastava, G., Dzurenda, P., Hajny, J., Fujdiak, R.: A secure publish\/subscribe protocol for internet of things. In: Proceedings of the 14th International Conference on Availability, Reliability and Security, pp. 1\u201310. ACM (2019)","DOI":"10.1145\/3339252.3340503"},{"key":"14_CR16","doi-asserted-by":"crossref","unstructured":"Palmieri, A., Prem, P., Ranise, S., Morelli, U., Ahmad, T.: MQTTSA: a tool for automatically assisting the secure deployments of MQTT brokers. In: 2019 IEEE World Congress on Services (SERVICES), vol. 2642\u2013939X, pp. 47\u201353 (2019)","DOI":"10.1109\/SERVICES.2019.00023"},{"key":"14_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1007\/3-540-45608-2_3","volume-title":"Foundations of Security Analysis and Design","author":"P Samarati","year":"2001","unstructured":"Samarati, P., de Vimercati, S.C.: Access control: policies, models, and mechanisms. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 137\u2013196. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45608-2_3"},{"key":"14_CR18","doi-asserted-by":"publisher","first-page":"115051","DOI":"10.1109\/ACCESS.2020.3003998","volume":"8","author":"EB Sanjuan","year":"2020","unstructured":"Sanjuan, E.B., Cardiel, I.A., Cerrada, J.A., Cerrada, C.: Message queuing telemetry transport (MQTT) security: a cryptographic smart card approach. IEEE Access 8, 115051\u2013115062 (2020)","journal-title":"IEEE Access"},{"key":"14_CR19","doi-asserted-by":"crossref","unstructured":"Segarra, C., Delgado-Gonzalo, R., Schiavoni, V.: MQT-TZ: hardening IoT brokers using ARM TrustZone: (practical experience report). In: 2020 International Symposium on Reliable Distributed Systems (SRDS), pp. 256\u2013265. IEEE (2020)","DOI":"10.1109\/SRDS51746.2020.00033"},{"key":"14_CR20","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2019.100075","volume":"14","author":"S Zeadally","year":"2019","unstructured":"Zeadally, S., Das, A.K., Sklavos, N.: Cryptographic technologies and protocol standards for internet of things. Internet Things 14, 100075 (2019)","journal-title":"Internet Things"}],"container-title":["Lecture Notes in Computer Science","Data and Applications Security and Privacy XXXVI"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-10684-2_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,12]],"date-time":"2022-07-12T07:10:25Z","timestamp":1657609825000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-10684-2_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031106835","9783031106842"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-10684-2_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"13 July 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DBSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP Annual Conference on Data and Applications Security and Privacy","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Newark, NJ","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 July 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 July 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"36","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dbsec2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/cs.iit.edu\/~dbsec2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"36% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}