CLAP: Compact Labeling scheme for Attribute-based IoT Policy control

In order to create services using IoT devices, the underlying network infrastructure must support large number of such devices with different underlying protocols, and diverse requirements from the service applications (privacy, reliability and QoS guarantee, etc.). Many of these requirements can be realized by implementing an in-network packet forwarding policy in the infrastructure supporting direct device-to-device communications. However, with large number of devices deployed in the IoT network, the number of rules required for policy enforcement grows very rapidly, and it becomes an infrastructural challenge to installing and managing the rules in switches/routers. We argue that attaching labels to address IoT devices can significantly reduce the number of rules by using wild-cards. We formulate a scheme that can produce the optimum length labels for representing the service attributes of the communicating IoT devices. Due to non-convex nature of the optimization, we develop two heuristic solutions for the label generating scheme. Through evaluation using a simulated but practical IoT network environment with large number of devices, we demonstrate the benefits of the scheme that can reduce the number of rules by several orders of multitude.