Abstract
The FC (Fog Computing) model is discussed to implement the IoT (Internet of Things). Here, it is significant to protect fog nodes and devices from malicious accesses since the both are only supported with poor computation resources. The CBAC (Capability-Based Access Control) model is useful because each node can just check a capability token carried with an access request. Sensor data is obtained from a device and stored in another device by an authorized subjects who are granted tokens. However, even unauthorized subjects get the data from another device, i.e. illegal information flow. In the FC model, nodes receive sensor data from devices and send processed data to another nodes. In addition to devices, we have to prevent illegal information flow among nodes. Since sensor data for devices is processed and new data is generated by nodes, it is critical to discuss how much sensor data is included in data sent by nodes. We discuss a concept of component degree of each data which nodes exchange. By taking advantage of the concept, we newly propose an RR (Request Rejection) protocol for preventing illegal information flow among nodes. In the evaluation, we show the ratio of requests rejected to all the requests of nodes in the RR protocol.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bonomi, F., Milito, R., Zhu, J., Addepall, S.: Fog computing and its role in the internet of things. In: Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, pp. 13–16 (2012)
Chavhan, S., Gupta, D., Chandana, B.N., Khanna, A., Rodrigues, J.J.P.C.: Iot-based context-aware intelligent public transport system in a metropolitan area. IEEE Internet Things J. 7(7), 6023–6034 (2020)
Denning, D.E.R.: Cryptography and Data Security. Addison Wesley, Boston (1982)
Fernandez, E.B., Summers, R.C., Wood, C.: Database Security and Integrity. Adison Wesley, Boston (1980)
Gungor, V.C., et al.: Smart grid and smart homes: key players and pilot projects. IEEE Ind. Electron. Mag. 6(4), 18–34 (2012)
Gusmeroli, S., Piccione, S., Rotondi, D.: A capability-based security approach to manage access control in the internet of things. Math. Comput. Model. 58(5–6), 1189–1205 (2013)
Hanes, D., Salgueiro, G., Grossetete, P., Barton, R., Henry, J.: IoT Fundamentals: Networking Technologies, Protocols, and Use Cases for the Internet of Things. Cisco Press, Indianapolis (2018)
Hernández-Ramos, J.L., Jara, A.J., Marín, L., Skarmeta, A.F.: Distributed capability-based access control for the internet of things. J. Internet Serv. Inf. Secur. 3(3/4), 1–16 (2013)
Islam, S.M.R., Kwak, D., Kabir, M.H., Hossain, M., Kwak, K.S.: The internet of things for health care: a comprehensive survey. IEEE Access 3, 678–708 (2015)
Nakamura, S., Duolikun, D., Enokido, T., Takizawa, M.: A read-write abortion protocol to prevent illegal information flow in role-based access control systems. Int. J. Space-Based Situated Comput. 6(1), 43–53 (2016)
Nakamura, S., Enokido, T., Takizawa, M.: Information flow control based on the CapBAC (capability-based access control) model in the IoT. Int. J. Mobile Comput. Multimed. Commun. 10(4), 13–25 (2019)
Nakamura, S., Enokido, T., Takizawa, M.: Information flow control in object-based peer-to-peer publish/subscribe systems. Concurrency Comput.: Pract. Exp. 32(8), e5118 (2020)
Nakamura, S., Enokido, T., Takizawa, M.: Implementation and evaluation of the information flow control for the internet of things. Concurrency Comput.: Pract. Exp. 33(19), e6311 (2021)
Nakamura, S., Enokido, T., Takizawa, M.: Information flow control based on capability token validity for secure IoT: implementation and evaluation. Internet Things 15, 100423 (2021)
Nakamura, S., Enokido, T., Takizawa, M.: Traffic reduction for information flow control in the IoT. In: Barolli, L. (ed.) BWCCA 2021. LNNS, vol. 346, pp. 67–77. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-90072-4_7
Nakamura, S., Enokido, T., Takizawa, M.: Capability token selection algorithms to implement lightweight protocols. Internet Things 19, 100542 (2022)
Nakamura, S., Enokido, T., Takizawa, M.: Capability-based access control model for fog computing model. In: Barolli, L. (ed.) NBiS 2023, vol. 183, pp. 79–85. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-40978-3_9
Oma, R., Nakamura, S., Duolikun, D., Enokido, T., Takizawa, M.: An energy-efficient model for fog computing in the internet of things (IoT). Internet Things 1–2, 14–26 (2018)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996)
Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: Proceedings of the IEEE International Conference on Web Services (ICWS 2005), p. 569 (2005)
Acknowledgements
This work is partially supported by Japan Society for the Promotion of Science (JSPS) KAKENHI Grant Numbers JP22K12018 and JP23K16887.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Nakamura, S., Enokido, T., Takizawa, M. (2024). Information Flow Control in the Fog Computing Model Based on a Component Degree Concept. In: Barolli, L. (eds) Advances on Broad-Band and Wireless Computing, Communication and Applications. BWCCA 2023. Lecture Notes on Data Engineering and Communications Technologies, vol 186. Springer, Cham. https://doi.org/10.1007/978-3-031-46784-4_4
Download citation
DOI: https://doi.org/10.1007/978-3-031-46784-4_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-46783-7
Online ISBN: 978-3-031-46784-4
eBook Packages: EngineeringEngineering (R0)