当前位置: X-MOL 学术Concurr. Comput. Pract. Exp. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Implementation and evaluation of the information flow control for the Internet of Things
Concurrency and Computation: Practice and Experience ( IF 1.5 ) Pub Date : 2021-04-12 , DOI: 10.1002/cpe.6311
Shigenari Nakamura 1 , Tomoya Enokido 2 , Makoto Takizawa 3
Affiliation  

In the Internet of Things, the CBAC (capability-based access control) model is proposed to make devices securely accessed. Here, an owner of a device issues a capability token, that is, a set of access rights, to a subject. The subject is allowed to manipulate ROs (resource objects) in the device according to access rights in the capability token. In the CBAC model, there is a problem a subject sbi can obtain data of an RO urn:x-wiley:cpe:media:cpe6311:cpe6311-math-0001 by accessing the data in an RO urn:x-wiley:cpe:media:cpe6311:cpe6311-math-0002 after the data are brought to the RO urn:x-wiley:cpe:media:cpe6311:cpe6311-math-0003 even if the subject sbi is not allowed to obtain the data from the RO urn:x-wiley:cpe:media:cpe6311:cpe6311-math-0004. Here, the data in the RO urn:x-wiley:cpe:media:cpe6311:cpe6311-math-0005 illegally flow to the subject sbi. In our previous studies, the OI (operation interruption) protocol where illegal operations are interrupted is proposed and evaluated in the simulation. In this article, we implement the OI protocol and evaluate the authorization process of the OI protocol in terms of the execution time. In the evaluation, we make clear the features of the execution time of authorization processes for GET, PUT, POST, and DELETE operations in the OI protocol.

中文翻译:

物联网信息流控制的实现与评估

在物联网中,提出了CBAC(基于能力的访问控制)模型来使设备安全访问。这里,设备的所有者向主体颁发能力令牌,即一组访问权限。主体可以根据能力令牌中的访问权限操作设备中的 RO(资源对象)。在CBAC模型中,存在这样的问题的受试者SB能够获得RO的数据urn:x-wiley:cpe:media:cpe6311:cpe6311-math-0001通过访问在RO中的数据urn:x-wiley:cpe:media:cpe6311:cpe6311-math-0002之后的数据被带到ROurn:x-wiley:cpe:media:cpe6311:cpe6311-math-0003即使被摄体SB不允许从RO获取数据urn:x-wiley:cpe:media:cpe6311:cpe6311-math-0004. 这里,RO中的数据urn:x-wiley:cpe:media:cpe6311:cpe6311-math-0005非法流向主体sb i. 在我们之前的研究中,在模拟中提出并评估了中断非法操作的 OI(操作中断)协议。在本文中,我们实现了 OI 协议,并从执行时间方面评估了 OI 协议的授权过程。在评测中,我们明确了OI协议中GET、PUT、POST、DELETE操作的授权流程执行时间的特点。
更新日期:2021-04-12
down
wechat
bug