Abstract
Various types and millions of nodes including not only computers like servers but also devices like sensors and actuators are interconnected in the IoT (Internet of Things). Here, devices have to be prevented from maliciously accessed. The CapBAC (Capability-Based Access Control) model is proposed to make IoT devices secure. In the CapBAC model, an owner of a device issues a capability token, i.e. a set of access rights to a subject. Here, the subject is allowed to manipulate the device according to the access rights authorized in the capability token. Suppose a subject \(sb_i\) is allowed to get data from a device \(d_2\) but not allowed to get data from a device \(d_1\). If another subject can get data from the device \(d_1\) and sends the data to the device \(d_2\), the subject \(sb_i\) can get the data of the device \(d_1\) from the device \(d_2\). Here, the data in the device \(d_1\) illegally flows to the subject \(sb_i\). In order to prevent illegal information flow, an OI (Operation Interruption) protocol is proposed in our previous studies. Here, illegal get operations are interrupted. In this paper, we evaluate the OI protocol in terms of the number of illegal get operations. In the evaluation, we show the ratio of the number of illegal get operations to the total number of get operations is kept constant even if the number of subjects increases in the OI protocol.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Denning, D.E.R.: Cryptography and Data Security. Addison Wesley, Boston (1982)
Fernandez, E.B., Summers, R.C., Wood, C.: Database Security and Integrity. Adison Wesley, Boston (1980)
Gusmeroli, S., Piccione, S., Rotondi, D.: A capability-based security approach to manage access control in the internet of things. Math. Comput. Model. 58(5–6), 1189–1205 (2013)
Hernández-Ramos, J.L., Jara, A.J., MarÃn, L., Skarmeta, A.F.: Distributed capability-based access control for the internet of things. J. Internet Serv. Inf. Secur. 3(3/4), 1–16 (2013)
Nakamura, S., Duolikun, D., Enokido, T., Takizawa, M.: A flexible read-write abortion protocol to prevent illegal information flow among objects. J. Mob. Multimed. 11(3&4), 263–280 (2015)
Nakamura, S., Duolikun, D., Enokido, T., Takizawa, M.: A write abortion-based protocol in role-based access control systems. Int. J. Adapt. Innov. Syst. 2(2), 142–160 (2015)
Nakamura, S., Duolikun, D., Enokido, T., Takizawa, M.: A read-write abortion protocol to prevent illegal information flow in role-based access control systems. Int. J. Space Based Situated Comput. 6(1), 43–53 (2016)
Nakamura, S., Enokido, T., Barolli, L., Takizawa, M.: Capability-based information flow control model in the IoT. In: Proceedings of the 13th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, pp. 63–71 (2019)
Nakamura, S., Enokido, T., Takizawa, M.: Information flow control in object-based peer-to-peer publish/subscribe systems. Concurrency and Computation: Practice and Experience (accepted)
Nakamura, S., Enokido, T., Takizawa, M.: Causally ordering delivery of event messages in P2 PPSO systems. Cogn. Syst. Res. 56, 167–178 (2019)
Nakamura, S., Ogiela, L., Enokido, T., Takizawa, M.: An information flow control model in a topic-based publish/subscribe system. J. High Speed Netw. 24(3), 243–257 (2018)
Ogiela, L.: Intelligent techniques for secure financial management in cloud computing. Electron. Commer. Res. Appl. 14(6), 456–464 (2015)
Ogiela, M.R., Ogiela, L.: On using cognitive models in cryptography. In: Proceedings of IEEE the 30th International Conference on Advanced Information Networking and Applications (AINA 2016), pp. 1055–1058 (2016)
Sandhu, R.S.: Lattice-based access control models. IEEE Comput. 26(11), 9–19 (1993)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996)
Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: Proceedings of the IEEE International Conference on Web Services (ICWS 2005) (2005)
Acknowledgements
This work was supported by Japan Society for the Promotion of Science (JSPS) KAKENHI Grant Number JP17J00106.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Nakamura, S., Enokido, T., Takizawa, M. (2020). Evaluation of an OI (Operation Interruption) Protocol to Prevent Illegal Information Flow in the IoT. In: Barolli, L., Nishino, H., Enokido, T., Takizawa, M. (eds) Advances in Networked-based Information Systems. NBiS - 2019 2019. Advances in Intelligent Systems and Computing, vol 1036. Springer, Cham. https://doi.org/10.1007/978-3-030-29029-0_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-29029-0_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-29028-3
Online ISBN: 978-3-030-29029-0
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)