Received: 12 March 2018 Revised: 10 May 2018 Accepted: 18 May 2018 DOI: 10.1002/cpe.4729 SPECIAL ISSUE PAPER Secure-CamFlow: A device-oriented security model to assist information flow control systems in cloud environments for IoTs Anum Khurshid 1 Abdul Nasir Khan 1 Fiaz Gul Khan 1 Mazhar Ali 1 Junaid Shuja 1 Atta ur Rehman Khan 2 1 Department of Computer Science, COMSATS Institute of Information Technology, Abbottabad, Pakistan 2 Department of Computer Science, Air University, Islamabad, Pakistan Correspondence Abdul Nasir Khan, Department of Computer Science, COMSATS Institute of Information Technology, Abbottabad, Pakistan. Email: anasir@ciit.net.pk Summary Recent developments in the cloud technologies have motivated the migration of distributed large systems, specifically the Internet of Things to the cloud architecture. Since Internet of Things con- sist of a vast network and variety of objects, the cloud platform proves to be an ideal option. It is essential for the proper functioning of the Internet of Things to be able to share data among the system processes. The biggest problem faced during the transition of the IoTs to the cloud is the security of data especially while data sharing within the cloud and among its tenants. Information Flow Control mechanisms are one of the many solutions to enable a controlled sharing of data. Integration of Information Flow Control Systems to the existing architecture requires various lev- els of re-engineering efforts. Moreover, most of the Information Flow Control systems focus on data flow within the cloud and neglect the security and integrity of data while it is being trans- ferred to the cloud from various devices. This research focuses on securing the entire process of data migration to cloud from devices while the in-cloud data flow is monitored by the Informa- tion Flow Control policies specified by the users. We have developed a prototype for the proposed model, and results are evaluated on the basis of energy consumption and execution time. As pro- posed model provides security services such as privacy, integrity, and authentication, hence it takes more execution time and consumes more energy as compared with the existing model. KEYWORDS cloud computing, information flow control, IoT, privacy, security 1 INTRODUCTION Internet of Things (IoTs) is the emerging technology that connects numerous smart devices to form a larger system. The interconnected compo- nents communicate continuously like a single entity. The resulting systems of IoTs are the smart cities, smart homes, smart grids, intelligent health, transportation facilities, and smart metering. 1 The smart devices in IoTs are equipped with sensors and actuators and provide remote controlled access. The IoTs is based on a widespread network of devices all over the world. 2 For IoTs to function, the system requires intercommunication of processes, storage, and sharing of information. The aforesaid objectives can be achieved by connecting all IoTs devices to a single platform such as cloud. 3 Currently, a major area of research is on the integration of IoTs with cloud computing. The integration of IoTs with the cloud provides a solu- tion to most of the issues of the existing IoTs architecture such as (a) the application can be deployed in a matter of minutes, (b) the device becomes independent of location, (c) information can be shared with a variety of audience who has permission to access the resource anytime and anywhere, and (d) data sharing among the tenants is easy. 4,5 The integration of IoTs with cloud raises some other concerns. 4 The existing issues are providing secure communications, identification, and manipulation of sensitive data, provider-based security against malicious devices, data protection within a cloud, in-cloud data sharing, dealing with combinations of sensitive and insensitive data, and providing compliance using audit logging. The most important issue that grabs the attention of Concurrency Computat Pract Exper. 2018;e4729. wileyonlinelibrary.com/journal/cpe © 2018 John Wiley & Sons, Ltd. 1 of 22 https://doi.org/10.1002/cpe.4729