Authors:
Khaoula Braiki
1
and
Olfa Dallel
2
Affiliations:
1
UFR SEGMI, Nanterre University, France
;
2
ENISo, University of Sousse, Tunisia
Keyword(s):
Information Flow Control, Secure Service Composition, IoT, Blockchain, Interference.
Abstract:
The Internet of Things (IoT) integrates smart devices that collect real time data from the environment. These data are leveraged to propose innovative services which transform the individual lives in a particular context such as smart homes. The Service Oriented Architecture (SOA) is adopted to support the composition of services. However, the service composition faces the problem of security, where data can illegitimately be shared with unauthorized services. This problem is called interference. The key challenge is to ensure end-to-end security which will guarantee the confidentiality and integrity of data. In this paper, we ensure the service binding in a blockchain-based SOA architecture and propose an approach based on the information flow control to protect data confidentiality. Service provider can express the service binding requirements by considering the service provider, the domain, the trust degree and the type of the operation to perform in order to secure the service co
mposition. Moreover, we propose to apply a binding mode: a rule-based binding mode or smart binding based on a machine learning decision tree model. To avoid the interference issue, we integrate a non-interference verification mechanism by assigning a security level for each service. Our smart blockchain-based information flow control approach guarantees the confidentiality and integrity of information in IoT systems.
(More)