Design and Implementation of the TBOI (Time-Based Operation Interruption) Protocol to Prevent Late Information Flow in the IoT
Description
In the CBAC (Capability-Based Access Control) model proposed for the IoT (Internet of Things), authorizers, e.g. device owners, issue capability tokens, each of which is a set of access rights on resource objects in devices, to subjects. Since data of a device are stored in another device through communication among subjects and devices, a subject sb can get data of a resource object \(r^1\) by accessing another resource object \(r^2\) even if the subject sb is not allowed to get the data from the resource object \(r^1\). Here, an illegal information flow from the resource object \(r^1\) to the subject sb occurs. In addition, each capability token is valid only for some time period. Suppose data generated at time \(\tau\) flow to a subject sb at time \(\tau'\) (\(> \tau\)). If the subject sb is allowed to get data at time \(\tau'\) but not at time \(\tau\), the subject sb should not receive the data. Here, the information flow is referred to as late. In our previous studies, the OI (Operation Interruption) and TBOI (Time-Based OI) protocols were proposed: the OI protocol prevents operations implying illegal information flow only, and the TBOI protocol prevents operations implying both illegal and late information flows. In this paper, we discuss the design and implementation of a device supporting the TBOI protocol and evaluate the authorization process of the TBOI protocol in terms of execution time. The evaluation shows that the TBOI protocol prevents late information flow in addition to illegal information flow, while its execution time is almost the same as that of the OI protocol.
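The two flow definitions above can be modelled in a few lines; this is an added example, not code from the paper or from its TBOI device implementation. `Capability`, `Device`, `check_get` and the `time_based` switch are hypothetical names, and "allowed at time \(\tau\)" is taken to mean that the subject holds a get right on the source object whose validity period covers \(\tau\).

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Capability:
    """Constructed stand-in for one access right in a capability token."""
    subject: str
    obj: str
    op: str
    start: float  # the right is valid in [start, end]
    end: float

    def allows(self, subject, obj, op, t):
        same = (self.subject, self.obj, self.op) == (subject, obj, op)
        return same and self.start <= t <= self.end

@dataclass
class Device:
    caps: list
    held: dict = field(default_factory=dict)  # object -> {(source object, tau)}

    def allowed(self, sb, obj, op, t):
        return any(c.allows(sb, obj, op, t) for c in self.caps)

    def generate(self, obj, tau):  # obj produces fresh data at time tau
        self.held.setdefault(obj, set()).add((obj, tau))

    def store(self, src, dst):  # data held by src is also stored in dst
        self.held.setdefault(dst, set()).update(self.held.get(src, set()))

    def check_get(self, sb, obj, now, time_based=True):
        """Classify a get on obj by sb at time now; only 'ok' proceeds."""
        if not self.allowed(sb, obj, "get", now):
            return "denied"
        data = self.held.get(obj, set())
        if any(not self.allowed(sb, src, "get", now) for src, _ in data):
            return "illegal"  # obj holds data of an object sb may not get
        if time_based and any(not self.allowed(sb, s, "get", tau) for s, tau in data):
            return "late"  # sb may get the source now, but not at time tau
        return "ok"

def demo():
    """Constructed scenario: data of r1 generated at tau=10 is stored in r2."""
    caps = [Capability("sb", "r2", "get", 0, 100),
            Capability("sb", "r1", "get", 50, 100),
            Capability("sc", "r2", "get", 0, 100)]
    d = Device(caps)
    d.generate("r1", 10)
    d.store("r1", "r2")
    return {"sc": d.check_get("sc", "r2", 60), "sb_tboi": d.check_get("sb", "r2", 60),
            "sb_oi": d.check_get("sb", "r2", 60, time_based=False)}
```

With `time_based=False` the model checks only for illegal flow, so the get by sb at time 60 passes; with the time check enabled the same get is classified as late because sb held no right on \(r^1\) at \(\tau = 10\).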