Secure IoT Information Flow Control Model

Secure IoT consists of various devices that are connected by a dynamic and heterogeneous network. The various devices collect and store information that may be sensitive whose access must be regulated. The type of the device, the functionality provided by it, the information content stored in it determine how to secure the device and control its interaction with other devices. The goal is to share information across devices on a need-to-know basis and also ensure that no sensitive information is leaked outside the security perimeter.  In order to handle issues pertaining to scalability, we propose that an IoT environment can be compartmentalized into trust domains based on their primary functionality. The intra-zone and inter-zone communication patterns will be specified. This will form the basis of a decentralized information flow control model that is suitable for the IoT environment.