Abstract
In the IoT (Internet of Things), the CBAC (Capability-Based Access Control) model is proposed to make sensor and actuator devices secure. Here, an owner of a device issues a capability token, i.e. a set of access rights to a subject. The subject is then allowed to manipulate resource objects in the device according to the access rights in the capability token. There is a problem a subject sb can get data from a resource object \(r^1\) brought to another resource \(r^2\) by getting the data from the resource \(r^2\) even if the subject sb is not allowed to get data from the resource \(r^1\). Here, the data in the resource \(r^1\) illegally flow to the subject sb. In our previous studies, the OI (Operation Interruption) protocol is proposed where illegal operations are interrupted and is evaluated in the simulation. In this paper, we implement a device supporting the OI protocol and evaluate the authorization process of the OI protocol in terms of the execution time. In the evaluation, we make clear the features of the execution time of the authorization process for get and put operations in the OI protocol.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Raspberry Pi 3 model B+. https://www.raspberrypi.org/products/raspberry-pi-3-model-b-plus/
Raspbian, version 10.3, 13 Februrary 2020. https://www.raspbian.org/
Denning, D.E.R.: Cryptography and Data Security. Addison Wesley, Boston (1982)
Fernandez, E.B., Summers, R.C., Wood, C.: Database Security and Integrity. Adison Wesley, Boston (1980)
Gusmeroli, S., Piccione, S., Rotondi, D.: A capability-based security approach to manage access control in the Internet of Things. Math. Comput. Model. 58(5–6), 1189–1205 (2013)
Hanes, D., Salgueiro, G., Grossetete, P., Barton, R., Henry, J.: IoT Fundamentals: Networking Technologies, Protocols, and Use Cases for the Internet of Things. Cisco Press, Indianapolis (2018)
Hernández-Ramos, J.L., Jara, A.J., Marín, L., Skarmeta, A.F.: Distributed capability-based access control for the internet of things. J. Internet Serv. Inf. Secur. 3(3/4), 1–16 (2013)
Nakamura, S., Enokido, T., Takizawa, M.: Time-based legality of information flow in the capability-based access control model for the internet of things. Concurr. Comput. Pract. Exp. https://doi.org/10.1002/cpe.5944
Nakamura, S., Enokido, T., Takizawa, M.: A flexible read-write abortion protocol with role safety concept to prevent illegal information flow. J. Ambient Intell. Humaniz. Comput. 9(5), 1415–1425 (2018)
Nakamura, S., Enokido, T., Takizawa, M.: Causally ordering delivery of event messages in p2 PPSO systems. Cogn. Syst. Res. 56, 167–178 (2019)
Nakamura, S., Enokido, T., Takizawa, M.: Information flow control based on the CAPBAC (capability-based access control) model in the IoT. Int. J. Mobile Comput. Multimedia Commun. 10(4), 13–25 (2019)
Nakamura, S., Enokido, T., Takizawa, M.: Information flow control in object-based peer-to-peer publish/subscribe systems. Concurr. Comput. Pract. Exp. 32(8), e5118 (2020)
Ogiela, L., Ogiela, M.R.: Cognitive security paradigm for cloud computing applications. Concurr. Comput. Pract. Exp. 32(8), e5316 (2020)
Sandhu, R.S.: Lattice-based access control models. Computer 26(11), 9–19. IEEE (1993)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47. IEEE (1996)
Shelby, Z., Hartke, K., Bormann, C.: Constrained application protocol (COAP). IFTF Internet-draft (2013). http://tools.ietf.org/html/draft-ietf-core-coap-18
Tanganelli, G., Vallati, C., Mingozzi, E.: Coapthon: Easy development of COAP-based IoT applications with python. In: IEEE 2nd World Forum on Internet of Things (WF-IoT 2015), pp. 63–68 (2015)
Warner, B.: python-ecdsa-0.11, March 11, 2014. https://github.com/ecdsa/python-ecdsa
Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: Proceedings of the IEEE International Conference on Web Services (ICWS 2005) (2005)
Acknowledgements
This work was supported by Japan Society for the Promotion of Science (JSPS) KAKENHI Grant Number JP20K23336.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Nakamura, S., Enokido, T., Ogiela, L., Takizawa, M. (2021). Implementation of a Device Adopting the OI (Operation Interruption) Protocol to Prevent Illegal Information Flow in the IoT. In: Barolli, L., Natwichai, J., Enokido, T. (eds) Advances in Internet, Data and Web Technologies. EIDWT 2021. Lecture Notes on Data Engineering and Communications Technologies, vol 65. Springer, Cham. https://doi.org/10.1007/978-3-030-70639-5_16
Download citation
DOI: https://doi.org/10.1007/978-3-030-70639-5_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-70638-8
Online ISBN: 978-3-030-70639-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)