Abstract

Data flow control for security is a mature research area in computer security, and its established results can be adapted to the newer area of data security in the Internet of Things or the Cloud. This paper takes a fundamental approach to the problem. It shows that, under reflexivity and transitivity assumptions, any network of communicating entities can be seen as a partial order of equivalence classes of entities, which is a simplification and generalization of current theory based on the lattice concept, where lattices are generated by labeling. Networks of communicating entities can be created in many ways, including routing, access control policies (possibly involving labeling), etc. Their intrinsic partial orders are necessary and sufficient for data security, and in any such network entities will have greater or lower secrecy or integrity according to their position in the partial order. It is shown how labeling systems, capable of expressing many types of security requirements, can be constructed to assign entities to their appropriate positions in network partial orders. Established paradigms in data security, such as conflicts, conglomeration, and aggregation, are introduced in examples. Then it is shown how entities can be added, removed or relocated in partial orders, as a result of events such as user or administrative action. A label-based method is described to maintain security requirements through such transformations. Efficient algorithms exist to implement these concepts; they are applications of transitive closure algorithms and strongly connected component algorithms.
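The construction the abstract describes, sketched as an added example that is not code from the paper: a flow relation is closed under reflexivity and transitivity, mutually reachable entities collapse into equivalence classes, and the classes form a partial order. The entity names, the edge convention (a, b) = "data may flow from a to b", and all function names are assumptions made for illustration; classes are read off the closure here rather than computed with a dedicated strongly connected component algorithm.

```python
from itertools import product

# Constructed sample network (not from the paper): (a, b) means data may flow a -> b.
FLOWS = [
    ("sensor", "gateway"), ("gateway", "sensor"),          # mutual flow
    ("gateway", "cloud_db"),
    ("cloud_db", "analytics"), ("analytics", "cloud_db"),  # mutual flow
    ("analytics", "auditor"), ("hr_app", "auditor"),
]

def closure(flows):
    """Reflexive-transitive closure of the flow relation (Warshall's algorithm)."""
    nodes = sorted({n for edge in flows for n in edge})
    reach = set(flows) | {(n, n) for n in nodes}
    # product() varies its first element slowest, so k is the outer loop.
    for k, i, j in product(nodes, repeat=3):
        if (i, k) in reach and (k, j) in reach:
            reach.add((i, j))
    return nodes, reach

def partial_order(flows):
    """Return (cls, leq): cls maps entity -> class, leq is the order on classes."""
    nodes, reach = closure(flows)
    # Entities that can reach each other are equivalent (one strongly
    # connected component of the flow graph).
    cls = {a: frozenset(b for b in nodes if (a, b) in reach and (b, a) in reach)
           for a in nodes}
    leq = {(cls[a], cls[b]) for a, b in reach}
    return cls, leq

def can_flow(flows, src, dst):
    """True if data held by src may reach dst, i.e. class(src) <= class(dst)."""
    cls, leq = partial_order(flows)
    return (cls[src], cls[dst]) in leq

def is_antisymmetric(leq):
    """Distinct classes are never ordered both ways, so leq is a partial order."""
    return all(x == y or (y, x) not in leq for x, y in leq)

if __name__ == "__main__":
    cls, leq = partial_order(FLOWS)
    for c in sorted(set(cls.values()), key=sorted):
        print(sorted(c))
    print("sensor -> auditor:", can_flow(FLOWS, "sensor", "auditor"))
    print("hr_app -> cloud_db:", can_flow(FLOWS, "hr_app", "cloud_db"))
```

In this sample, `hr_app` and `cloud_db` are incomparable in the order, so no data moves between them in either direction, while `auditor` sits above both and can receive from each.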
