CLAP: Compact Labeling Scheme for Attribute-Based IoT Policy control

To create services using IoT devices, the underlying network infrastructure must support a large number of such devices with different underlying protocols, as well as diverse requirements from the service applications (privacy, reliability, QoS guarantees, etc.). Many of these requirements can be realized by implementing an in-network packet forwarding policy in the infrastructure supporting direct device-to-device communications. However, with a large number of devices deployed in the IoT network, the number of rules required for policy enforcement grows very rapidly, and installing and managing the rules in switches/routers becomes an infrastructural challenge. We argue that attaching service and role-based labels to address IoT devices can significantly reduce the number of rules by using wildcards. We formulate a scheme that can produce the optimum-length labels for representing the service attributes of the communicating IoT devices. Due to the non-convex nature of the optimization, we develop two heuristic solutions for the label-generating scheme. Through evaluation using a simulated but practical IoT network environment with a large number of devices, we demonstrate the benefits of the scheme, which can reduce the number of rules by several orders of magnitude.
