Title :
Secure information flow using security groups
Author_Institution :
Cranfield IT Inst., Milton Keynes, UK
Abstract :
A new model and approach for secure information flow are described. The model is driven by a lattice-based information flow policy which describes the permitted dissemination of information in the system. System entities are allowed to handle different classes of information from the flow policy, and information is permitted to flow between entities as long as the flow policy is not violated. With this conceptually simple notion of security it is possible to describe many interesting security policies, for example, multilevel policies, aggregation policies, and Chinese walls. Details of how secure systems based on the model can be implemented in practice are given. Attention is also given to how other types of security policies, such as integrity and separation of duty, can be defined in terms of lattice-based policies
Keywords :
security of data; Chinese walls; aggregation policies; dissemination; integrity; lattice-based information flow policy; lattice-based policies; multilevel policies; secure information flow; security; security groups; separation of duty; Access control; Data security; Information security; Lattices; Multilevel systems; Tail;
Conference_Titel :
Computer Security Foundations Workshop III, 1990. Proceedings
Conference_Location :
Franconia, NH
Print_ISBN :
0-8186-2071-4
DOI :
10.1109/CSFW.1990.128186
