An information flow control model in a topic-based publish/subscribe system

2019

Self Cite

Summary In this paper, we propose a P2PPSO (P2P [peer‐to‐peer] type of topic‐based Publish/Subscribe with Object concept) model, where each peer process (peer) exchanges objects by publishing and receiving event messages with no centralized coordinator. In addition, objects are characterized by topics. Suppose an event message ej published by a peer pj carries an object on some topics into a target peer pi. Here, information in the peer pj illegally flows to the peer pi if the target peer pi is not allowed to subscribe the topics. An illegal object is an object whose topics a target peer is not allowed to subscribe. Even if an event message is received by a target peer by checking topics, objects carried by the event message may be illegal at the target peer. In this paper, we propose a TOBS (topics‐of‐objects–based synchronization) protocol to prevent target peers from receiving illegal objects in the P2PPSO model. Here, even if an event message is received by a target peer, illegal objects in the event message are not delivered to the target peer. In the evaluation, we show how many event messages carry illegal objects in the TOBS protocol.

Section: System Modelmentioning

confidence: 99%

Section: Related Studiesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Information flow control in object‐based peer‐to‐peer publish/subscribe systems

2019

Self Cite

Time‐based legality of information flow in the capability‐based access control model for the Internet of Things

2020

Self Cite

The Internet of Things is composed of sensor and actuator devices. Devices have to be securely accessed by subjects. In this article, we take the capability-based access control (CBAC) model where a subject is issued a capability token to manipulate a device by a device owner. In the CBAC model, information which a subject is not allowed to get may illegally flow to the subject. Hence, the operation interruption (OI) protocol to prevent illegal information flow is proposed in our previous studies. However, although a subject is not allowed to get data at time 𝜏, the subject can get the data later than the time 𝜏. Here, the data come to the subject later than expected by the subject to get the data, that is, the information flows late to the subject. In this article, we newly propose a time-based OI (TBOI) protocol to prevent not only illegal information flow but also late information flow. Here, operations implying illegal or late information flow are interrupted, that is, not performed at devices. In the evaluation, we show not only illegal information flow but also late information flow are prevented in the TBOI protocol differently from the OI protocol.

Implementation and evaluation of the information flow control for the Internet of Things

2021

Self Cite

In the Internet of Things, the CBAC (capability-based access control) model is proposed to make devices securely accessed. Here, an owner of a device issues a capability token, that is, a set of access rights, to a subject. The subject is allowed to manipulate ROs (resource objects) in the device according to access rights in the capability token. In the CBAC model, there is a problem a subject sb i can obtain data of an RO r k m by accessing the data in an RO r l n after the data are brought to the RO r l n even if the subject sb i is not allowed to obtain the data from the RO r k m . Here, the data in the RO r k m illegally flow to the subject sb i . In our previous studies, the OI (operation interruption) protocol where illegal operations are interrupted is proposed and evaluated in the simulation.In this article, we implement the OI protocol and evaluate the authorization process of the OI protocol in terms of the execution time. In the evaluation, we make clear the features of the execution time of authorization processes for GET, PUT, POST, and DELETE operations in the OI protocol.