Information Flow Control with minimal tag disclosure

Hajoon Ko, Jatinder Singh, Thomas F.J.M. Pasquier, Changyu Dong, David Eyers, Jean Bacon

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)


Information Flow Control (IFC) extends conventional access control beyond application boundaries, and allows control of data flows after a point of authorised data disclosure. In a deployment of IFC within a cloud operating system (OS), the IFC implementation can be trusted by applications running over the same OS instance. In an IFC deployment within a widely distributed system, such as in the Internet of Things, the potential for trustworthy enforcement of IFC must be ascertained during connection establishment. IFC is based on tagging data in line with data management requirements. When audit is included as part of IFC, it can be shown that a system complies with these requirements. In this paper, we consider the possibility that some tags may be sensitive and discuss the use of Private Set Intersection (PSI) to prevent unnecessary disclosure of IFC tags during the establishment of communication channels. The proposed approach guarantees that on authorised flows, only the tags necessary for that interaction are disclosed and that no tags are disclosed for prevented flows. This functionality is particularly important in contexts such as healthcare, where privacy and confidentiality are paramount.

Original languageEnglish
Title of host publicationProceedings of the International Conference on Internet of Things and Cloud Computing, ICC 2016
PublisherAssociation for Computing Machinery (ACM)
ISBN (Electronic)9781450340632
Publication statusPublished - 22 Mar 2016
EventInternational Conference on Internet of Things and Cloud Computing, ICC 2016 - Cambridge, United Kingdom
Duration: 22 Mar 201623 Mar 2016


ConferenceInternational Conference on Internet of Things and Cloud Computing, ICC 2016
Country/TerritoryUnited Kingdom


  • Information Flow Control
  • Private set intersection


Dive into the research topics of 'Information Flow Control with minimal tag disclosure'. Together they form a unique fingerprint.

Cite this