Access control in building automation and control systems

No Thumbnail Available
Journal Title
Journal ISSN
Volume Title
School of Science | Master's thesis
Checking the digitized thesis and permission for publishing
Instructions for the author
Degree programme
Building Automation and Control Systems (BACS) are being deployed in commercial buildings to enable monitoring and control of the various intelligent systems like HVAC, safety, access and lighting systems. Lighting is an integral part of BACS, allowing for optimized lighting operation where Lighting devices interact with each other, with users, and with other third party systems such as energy management. A key need when interacting is the controlled and trustworthy access to services so that only authenticated and authorized entities can have access and control to the services provided by a device. However, secure authentication and authorization is not easy due to the large-scale nature of future BACS comprising many resource-constrained sensors and actuators distributed in the building. The thesis presents centralized and distributed access control architecture designs for BACS based on their requirements and constraints. We further present a hybrid version of an access control architecture which improves existing centralized or distributed access control methods. The hybrid version allows for the deployment of re-encoded access control policies to the accessed devices under request. Re-encoding serves the purpose of efficient storage and evaluation of the policies in the resource constrained devices. The proposed access control systems can be applied to generic BACS and run on top of communication protocols such as ZigBee or 6LoWPAN/CoAP. We have further implemented a prototype to prove the concept on actual field devices used by Philips Lighting. The operating system used by devices is Contiki-OS. The final system requires 10KBs of FLASH and allows caching of access control policies in the device. The access control system can be used in applications scenarios related to the Internet of Things.
Aura, Tuomas
Thesis advisor
Kumar, Sandeep
Morchon Garcia, Oscar
Keoh, Sye Loong
building automation, security, access control, sensor networks, constraint devices
Other note