Information flow control in object-oriented systems
- 1 January 1997
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Knowledge and Data Engineering
- Vol. 9 (4) , 524-538
- https://doi.org/10.1109/69.617048
Abstract
In this paper, we describe a high assurance discretionary access control model for object-oriented systems. The model not only ensures protection against Trojan horses leaking information, but provides the flexibility of discretionary access control at the same time. The basic idea of our approach is to check all information flows among objects in the system in order to block possible illegal flows. An illegal flow arises when information is transmitted from one object to another object in violation of the security policy. The interaction modes among objects are taken into account in determining illegal flows. We consider three different interaction modes that are standard interaction modes found in the open distributed processing models. The paper presents formal definitions and proof of correctness of our flow control algorithm.
This publication has 9 references indexed in Scilit:
- Discretionary access controls in a high-performance object management system. Published by Institute of Electrical and Electronics Engineers (IEEE), 2002
- A pump for rapid, reliable, secure communication. Published by Association for Computing Machinery (ACM), 1993
- Integrating an object-oriented data model with multilevel security. Published by Institute of Electrical and Electronics Engineers (IEEE), 1990
- Beyond the pale of MAC and DAC - defining new forms of access control. Published by Institute of Electrical and Electronics Engineers (IEEE), 1990
- Limiting the Damage Potential of Discretionary Trojan Horses. Published by Institute of Electrical and Electronics Engineers (IEEE), 1987
- Access Flow: A Protection Model which Integrates Access Control and Information Flow. Published by Institute of Electrical and Electronics Engineers (IEEE), 1981
- A penetration analysis of a Burroughs Large System. ACM SIGOPS Operating Systems Review, 1981
- A lattice model of secure information flow. Communications of the ACM, 1976
- Secure Computer System: Unified Exposition and Multics Interpretation. Published by Defense Technical Information Center (DTIC), 1976