Abstract
In the IoT (Internet of Things), sensor data is transmitted to servers in networks and processed by application processes on the servers. In the FC (Fog Computing) model of the IoT, fog nodes and device nodes have to be protected from malicious accesses. We take the CBAC (Capability-Based Access Control) model to control accesses to fog nodes and device nodes because it is sufficient for each node to check a capability token carried with an access request. As discussed in our previous studies, if data moves from a device node \(d_i\) to another device node \(d_j\) by some subject, even if subjects are not allowed to access to the data of the device node \(d_i\), the subjects may get the data from the device node \(d_j\), i.e. illegal information flow. Furthermore, a fog node generates a new output data by processing input data from other fog nodes. We newly propose a concept of component degree of each data transmitted among nodes, which shows how much sensor data is included in the data. Based on the component degree concept, we newly discuss information flow among fog nodes in the CBAC model.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bonomi, F., Milito, R., Zhu, J., Addepall, S.: Fog computing and its role in the internet of things. In: Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, pp. 13–16 (2012)
Denning, D.E.R.: Cryptography and Data Security. Addison Wesley, Boston, MA, USA (1982)
Dillon, T., Wu, C., Chang, E.: Cloud computing: issues and challenges. In: Proceedings of IEEE the 24th IEEE International Conference on Advanced Information Networking and Applications, pp. 27–33 (2010)
Gusmeroli, S., Piccione, S., Rotondi, D.: A capability-based security approach to manage access control in the internet of things. Math. Comput. Model. 58(5–6), 1189–1205 (2013)
Hanes, D., Salgueiro, G., Grossetete, P., Barton, R., Henry, J.: IoT Fundamentals: Networking Technologies, Protocols, and Use Cases for the Internet of Things. Cisco Press, Indianapolis, IN, USA (2018)
Hernández-Ramos, J.L., Jara, A.J., Marín, L., Skarmeta, A.F.: Distributed capability-based access control for the internet of things. J. Internet Serv. Inf. Secur. 3(3/4), 1–16 (2013)
Nakamura, S., Duolikun, D., Enokido, T., Takizawa, M.: A read-write abortion protocol to prevent illegal information flow in role-based access control systems. Int. J. Space-Based Situated Comput. 6(1), 43–53 (2016)
Nakamura, S., Enokido, T., Takizawa, M.: Information flow control in object-based peer-to-peer publish/subscribe systems. Concurr. Comput.: Pract. Exp. 32(8), e5118 (2020)
Nakamura, S., Enokido, T., Takizawa, M.: Implementation and evaluation of the information flow control for the internet of things. Concurr. Comput.: Pract. Exp. 33(19), e6311 (2021)
Nakamura, S., Enokido, T., Takizawa, M.: Information flow control based on capability token validity for secure IoT: implementation and evaluation. Internet Things 15, 100423 (2021)
Nakamura, S., Enokido, T., Takizawa, M.: Traffic reduction for information flow control in the IoT. In: Proceedings of the 16th International Conference on Broad-Band Wireless Computing, Communication and Applications, pp. 67–77 (2021)
Nakamura, S., Enokido, T., Takizawa, M.: Capability token selection algorithms to implement lightweight protocols. Internet Things 19, 100542 (2022)
Oma, R., Nakamura, S., Duolikun, D., Enokido, T., Takizawa, M.: An energy-efficient model for fog computing in the internet of things (IoT). Internet Things 1–2, 14–26 (2018)
Acknowledgements
This work is partially supported by Japan Society for the Promotion of Science (JSPS) KAKENHI Grant Numbers JP22K12018 and JP23K16887.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Nakamura, S., Enokido, T., Takizawa, M. (2023). Capability-Based Access Control Model for Fog Computing Model. In: Barolli, L. (eds) Advances in Networked-based Information Systems. NBiS 2023. Lecture Notes on Data Engineering and Communications Technologies, vol 183. Springer, Cham. https://doi.org/10.1007/978-3-031-40978-3_9
Download citation
DOI: https://doi.org/10.1007/978-3-031-40978-3_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-40977-6
Online ISBN: 978-3-031-40978-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)