Abstract
In the CBAC (Capability-Based Access Control) model for the IoT (Internet of Things), subjects are issued capability tokens, i.e. sets of access rights on objects in devices, by device owners. Objects are data resources in a device which are used to store sensor data and action data. By manipulating objects of devices, data are exchanged among subjects and objects. Here, illegal information flow and late information flow occur, and subjects can get data which they are not allowed to get. In our previous studies, protocols are implemented to interrupt operations implying both illegal and late types of information flows. Here, the request processing time gets longer as the number of capability tokens whose signatures are verified in devices increases. Hence, an MRCTSD (Minimum Required Capability Token Selection for Devices) algorithm to reduce the number of capability tokens used is proposed. However, the more capability tokens are sent from subjects, the more complex the capability token selection becomes. Since devices have only low processing power and a small amount of memory, it is important to avoid concentrating loads in devices. In this paper, an MRCTSS (MRCTS for Subjects) algorithm, where subjects select the minimum required capability tokens and send them to devices, is proposed. In the evaluation, it is shown that the size of a UDP datagram in a get access request is made smaller by the MRCTSS algorithm.
Acknowledgements
This work was supported by Japan Society for the Promotion of Science (JSPS) KAKENHI Grant Number JP20K23336.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Nakamura, S., Enokido, T., Takizawa, M. (2022). Traffic Reduction for Information Flow Control in the IoT. In: Barolli, L. (eds) Advances on Broad-Band Wireless Computing, Communication and Applications. BWCCA 2021. Lecture Notes in Networks and Systems, vol 346. Springer, Cham. https://doi.org/10.1007/978-3-030-90072-4_7
DOI: https://doi.org/10.1007/978-3-030-90072-4_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-90071-7
Online ISBN: 978-3-030-90072-4
eBook Packages: Engineering, Engineering (R0)