当前位置:
X-MOL 学术
›
Concurr. Comput. Pract. Exp.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Implementation and evaluation of the information flow control for the Internet of Things
Concurrency and Computation: Practice and Experience ( IF 1.5 ) Pub Date : 2021-04-12 , DOI: 10.1002/cpe.6311 Shigenari Nakamura 1 , Tomoya Enokido 2 , Makoto Takizawa 3
Concurrency and Computation: Practice and Experience ( IF 1.5 ) Pub Date : 2021-04-12 , DOI: 10.1002/cpe.6311 Shigenari Nakamura 1 , Tomoya Enokido 2 , Makoto Takizawa 3
Affiliation
In the Internet of Things, the CBAC (capability-based access control) model is proposed to make devices securely accessed. Here, an owner of a device issues a capability token, that is, a set of access rights, to a subject. The subject is allowed to manipulate ROs (resource objects) in the device according to access rights in the capability token. In the CBAC model, there is a problem a subject sbi can obtain data of an RO by accessing the data in an RO after the data are brought to the RO even if the subject sbi is not allowed to obtain the data from the RO . Here, the data in the RO illegally flow to the subject sbi. In our previous studies, the OI (operation interruption) protocol where illegal operations are interrupted is proposed and evaluated in the simulation. In this article, we implement the OI protocol and evaluate the authorization process of the OI protocol in terms of the execution time. In the evaluation, we make clear the features of the execution time of authorization processes for GET, PUT, POST, and DELETE operations in the OI protocol.
中文翻译:
物联网信息流控制的实现与评估
在物联网中,提出了CBAC(基于能力的访问控制)模型来使设备安全访问。这里,设备的所有者向主体颁发能力令牌,即一组访问权限。主体可以根据能力令牌中的访问权限操作设备中的 RO(资源对象)。在CBAC模型中,存在这样的问题的受试者SB我能够获得RO的数据通过访问在RO中的数据之后的数据被带到RO即使被摄体SB我不允许从RO获取数据. 这里,RO中的数据非法流向主体sb i. 在我们之前的研究中,在模拟中提出并评估了中断非法操作的 OI(操作中断)协议。在本文中,我们实现了 OI 协议,并从执行时间方面评估了 OI 协议的授权过程。在评测中,我们明确了OI协议中GET、PUT、POST、DELETE操作的授权流程执行时间的特点。
更新日期:2021-04-12
中文翻译:
物联网信息流控制的实现与评估
在物联网中,提出了CBAC(基于能力的访问控制)模型来使设备安全访问。这里,设备的所有者向主体颁发能力令牌,即一组访问权限。主体可以根据能力令牌中的访问权限操作设备中的 RO(资源对象)。在CBAC模型中,存在这样的问题的受试者SB我能够获得RO的数据通过访问在RO中的数据之后的数据被带到RO即使被摄体SB我不允许从RO获取数据. 这里,RO中的数据非法流向主体sb i. 在我们之前的研究中,在模拟中提出并评估了中断非法操作的 OI(操作中断)协议。在本文中,我们实现了 OI 协议,并从执行时间方面评估了 OI 协议的授权过程。在评测中,我们明确了OI协议中GET、PUT、POST、DELETE操作的授权流程执行时间的特点。