Evaluation of an OI (Operation Interruption) Protocol to Prevent Illegal Information Flow in the IoT

Abstract

Various types and millions of nodes including not only computers like servers but also devices like sensors and actuators are interconnected in the IoT (Internet of Things). Here, devices have to be prevented from maliciously accessed. The CapBAC (Capability-Based Access Control) model is proposed to make IoT devices secure. In the CapBAC model, an owner of a device issues a capability token, i.e. a set of access rights to a subject. Here, the subject is allowed to manipulate the device according to the access rights authorized in the capability token. Suppose a subject \(sb_i\) is allowed to get data from a device \(d_2\) but not allowed to get data from a device \(d_1\). If another subject can get data from the device \(d_1\) and sends the data to the device \(d_2\), the subject \(sb_i\) can get the data of the device \(d_1\) from the device \(d_2\). Here, the data in the device \(d_1\) illegally flows to the subject \(sb_i\). In order to prevent illegal information flow, an OI (Operation Interruption) protocol is proposed in our previous studies. Here, illegal get operations are interrupted. In this paper, we evaluate the OI protocol in terms of the number of illegal get operations. In the evaluation, we show the ratio of the number of illegal get operations to the total number of get operations is kept constant even if the number of subjects increases in the OI protocol.