DocumentCode
1470389
Title
Information flow control in object-oriented systems
Author
Samarati, Pierangela ; Bertino, Elisa ; Ciampichetti, Alessandro ; Jajodia, Sushil
Author_Institution
Dipartimento di Sci. dell´´Inf., Milan Univ., Italy
Volume
9
Issue
4
fYear
1997
Firstpage
524
Lastpage
538
Abstract
We describe a high assurance discretionary access control model for object oriented systems. The model not only ensures protection against Trojan horses leaking information, but provides the flexibility of discretionary access control at the same time. The basic idea of our approach is to check all information flows among objects in the system in order to block possible illegal flows. An illegal flow arises when information is transmitted from one object to another object in violation of the security policy. The interaction modes among objects are taken into account in determining illegal flows. We consider three different interaction modes that are standard interaction modes found in the open distributed processing models. The paper presents formal definitions and proof of correctness of our flow control algorithm
Keywords
authorisation; computer viruses; object-oriented databases; object-oriented programming; open systems; program verification; Trojan horses; discretionary access control; flow control algorithm; formal definitions; high assurance discretionary access control model; illegal flows; information flow control; interaction modes; object oriented systems; open distributed processing models; proof of correctness; security policy; Access control; Authorization; Control system synthesis; Control systems; Data security; Distributed processing; Information security; Invasive software; Object oriented modeling; Protection;
fLanguage
English
Journal_Title
Knowledge and Data Engineering, IEEE Transactions on
Publisher
ieee
ISSN
1041-4347
Type
jour
DOI
10.1109/69.617048
Filename
617048
Link To Document