Information Flow Control with minimal tag disclosure

Hajoon Ko, Jatinder Singh, Thomas F.J.M. Pasquier, Changyu Dong, David Eyers, Jean Bacon

    Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

    Abstract

    Information Flow Control (IFC) extends conventional access control beyond application boundaries, and allows control of data flows after a point of authorised data disclosure. In a deployment of IFC within a cloud operating system (OS), the IFC implementation can be trusted by applications running over the same OS instance. In an IFC deployment within a widely distributed system, such as in the Internet of Things, the potential for trustworthy enforcement of IFC must be ascertained during connection establishment. IFC is based on tagging data in line with data management requirements. When audit is included as part of IFC, it can be shown that a system complies with these requirements. In this paper, we consider the possibility that some tags may be sensitive and discuss the use of Private Set Intersection (PSI) to prevent unnecessary disclosure of IFC tags during the establishment of communication channels. The proposed approach guarantees that on authorised flows, only the tags necessary for that interaction are disclosed and that no tags are disclosed for prevented flows. This functionality is particularly important in contexts such as healthcare, where privacy and confidentiality are paramount.

    Original language: English
    Title of host publication: Proceedings of the International Conference on Internet of Things and Cloud Computing, ICC 2016
    Publisher: Association for Computing Machinery
    Volume: 22-23-March-2016
    ISBN (Electronic): 9781450340632
    Publication status: Published - 22 Mar 2016
    Event: International Conference on Internet of Things and Cloud Computing, ICC 2016 - Cambridge, United Kingdom
    Duration: 22 Mar 2016 – 23 Mar 2016

    Conference

    Conference: International Conference on Internet of Things and Cloud Computing, ICC 2016
    Country/Territory: United Kingdom
    City: Cambridge
    Period: 22/03/16 – 23/03/16

    Keywords

    • Information Flow Control
    • Private set intersection
