• DocumentCode
    2344336
  • Title

    A model for secure information flow

  • Author

    Foley, Simon N.

  • Author_Institution
    Dept. of Comput. Sci., Univ. Coll., Cork, Ireland
  • fYear
    1989
  • fDate
    1-3 May 1989
  • Firstpage
    248
  • Lastpage
    258
  • Abstract
    A model that characterizes systems that restrict information flow is proposed. The model, called the confinement model, provides greater flexibility in the binding of entities to their security classes than the current static case. A consequence of the nature of security class binding in the confinement model is its ability to enforce nontransitive information-flow policies. A framework of information-flow policies is defined which forms a distributive lattice under operations for policy ordering and combination. It is shown that a state-based MAC (mandatory access) version of the confinement model is the same as a traditional Bell and LaPadula MAC model, except that the confinement model includes a special rule on dynamic class change.
  • Keywords
    programming theory; security of data; MAC model; confinement model; dynamic class change; entities; information-flow policies; policy ordering; secure information flow; security classes; state-based MAC; Computer science; Data security; Educational institutions; Information security; Lattices; Upper bound;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy, 1989. Proceedings., 1989 IEEE Symposium on
  • Conference_Location
    Oakland, CA
  • Print_ISBN
    0-8186-1939-2
  • Type

    conf

  • DOI
    10.1109/SECPRI.1989.36299
  • Filename
    36299