Fine Granularity Access Rights for Information Flow Control in Object Oriented Systems

Author

Maamir, Allaoua ; Fellah, Abdelaziz ; Salem, Lina A.

Author_Institution

Dept. of Comput. Sci., Univ. of Sharjah, Sharjah

fYear

2008

fDate

24-26 April 2008

Firstpage

122

Lastpage

128

Abstract

One of the main features of information flow control is to ensure the enforcement of privacy and regulated accessibility. However, most information flow control models that have been proposed do not provide substantial assurance to enforce end-to-end confidentiality policies or they are too restrictive, overprotected, and inflexible. We present a model for discretionary access controls that is in harmony with the object oriented paradigm. The model uses access rights applied to object attributes and methods, thus allowing considerable flexibility without compromising system security by leaking sensitive information. Models based on message filtering intercept every message exchanged among objects to control the flow of information. We present an algorithm which enforces message filtering based on the defined access rights.

Keywords

authorisation; data flow analysis; data privacy; object-oriented programming; access rights; discretionary access control; end-to-end confidentiality policy; information flow control; message filtering; object oriented system; privacy enforcement; Access control; Biomedical imaging; Control systems; Filtering; Hospitals; Information security; Invasive software; Object oriented modeling; Permission; Privacy; Information flow; access rights; object oriented systems security; privary; secrecy;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Security and Assurance, 2008. ISA 2008. International Conference on

Conference_Location

Busan

Print_ISBN

978-0-7695-3126-7

Type

conf

DOI

10.1109/ISA.2008.98

Filename

4511547