• DocumentCode
    311687
  • Title

    Providing flexibility in information flow control for object oriented systems

  • Author

    Ferrari, Elena ; Samarati, Pierangela ; Bertino, Elisa ; Jajodia, Sushil

  • Author_Institution
    Dipartimento di Sci. dell´´Inf., Milan Univ., Italy
  • fYear
    1997
  • fDate
    4-7 May 1997
  • Firstpage
    130
  • Lastpage
    140
  • Abstract
    This paper presents an approach to control information flow in object-oriented systems that takes into account, besides authorizations on objects, also how the information has been obtained and/or transmitted. These aspects are considered by allowing exceptions to the restrictions stated by the authorizations. Exceptions are specified by means of waivers associated with methods. Two kinds of waivers are supported: invoke-waivers, specifying exceptions applicable during a method´s execution, and reply-waivers, specifying exceptions applicable to the information returned by a method. Information flowing from one object into another object is subject to the different waivers of the methods enforcing the transmission. We formally characterize information transmission and flow in a transaction taking into consideration different interaction modes among objects. We then define security specifications, meaning authorizations and waivers, and characterize safe information flows. We formally define conditions whose satisfaction ensures absence of unsafe flows and present an algorithm enforcing these conditions
  • Keywords
    authorisation; exception handling; object-oriented programming; security of data; transaction processing; access control; authorizations; exception specification; information flow control flexibility; information transmission; interaction modes; invoke-waivers; object oriented systems; reply-waivers; safe information flows; security specifications; transaction; waivers; Access control; Authorization; Control systems; Information security; Invasive software; Marine vehicles; National security; Proposals; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy, 1997. Proceedings., 1997 IEEE Symposium on
  • Conference_Location
    Oakland, CA
  • ISSN
    1081-6011
  • Print_ISBN
    0-8186-7828-3
  • Type

    conf

  • DOI
    10.1109/SECPRI.1997.601328
  • Filename
    601328