Information flow control in object-oriented systems

Cited by: 48
Authors
Samarati, P
Bertino, E
Ciampichetti, A
Jajodia, S
Affiliations
[1] GEORGE MASON UNIV,DEPT INFORMAT & SOFTWARE SYST ENGN,FAIRFAX,VA 22030
[2] GEORGE MASON UNIV,CTR SECURE INFORMAT SYST,FAIRFAX,VA 22030
Funding
National Science Foundation (USA);
Keywords
object-oriented databases and systems; security; discretionary access control; mandatory access control; Trojan horse; distributed processing;
DOI
10.1109/69.617048
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Subject classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
In this paper, we describe a high assurance discretionary access control model for object-oriented systems. The model not only ensures protection against Trojan horses leaking information, but provides the flexibility of discretionary access control at the same time. The basic idea of our approach is to check all information flows among objects in the system in order to block possible illegal flows. An illegal flow arises when information is transmitted from one object to another object in violation of the security policy. The interaction modes among objects are taken into account in determining illegal flows. We consider three different interaction modes that are standard interaction modes found in the open distributed processing models. The paper presents formal definitions and proof of correctness of our flow control algorithm.
Pages: 524 / 538
Page count: 15
Related papers
50 in total
  • [1] Information flow control using version in object-oriented systems
    Fellah, A
    Rahwan, I
    Maamir, A
    HIGH PERFORMANCE COMPUTING SYSTEMS AND APPLICATIONS, 2003, 727 : 271 - 284
  • [2] Providing flexibility in information flow control for object-oriented systems
    Ferrari, E
    Samarati, P
    Bertino, E
    Jajodia, S
    1997 IEEE SYMPOSIUM ON SECURITY AND PRIVACY - PROCEEDINGS, 1997, : 130 - 140
  • [3] An information flow control model for both object-oriented and non-object-oriented systems
    Chou, Shih-Chien
    Lai, Chia-Wei
    JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 2007, 23 (02) : 479 - 496
  • [4] Association-based information flow control in object-oriented systems
    Chou, SC
    Wen, YK
    INTERNATIONAL JOURNAL OF SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING, 2004, 14 (03) : 291 - 322
  • [5] Adding flexibility in information flow control for object-oriented systems using versions
    Maamir, A
    Fellah, A
    INTERNATIONAL JOURNAL OF SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING, 2003, 13 (03) : 313 - 325
  • [6] A label-based information flow control model for object-oriented systems
    Chou, Shih-Chien
    JOURNAL OF THE CHINESE INSTITUTE OF ENGINEERS, 2007, 30 (02) : 323 - 330
  • [7] Information Flow in Object-Oriented Software
    Beckert, Bernhard
    Bruns, Daniel
    Klebanov, Vladimir
    Scheben, Christoph
    Schmitt, Peter H.
    Ulbrich, Mattias
    LOGIC-BASED PROGRAM SYNTHESIS AND TRANSFORMATION, LOPSTR 2013, 2014, 8901 : 19 - 37
  • [8] Information Flow Control-by-Construction for an Object-Oriented Language
    Runge, Tobias
    Kittelmann, Alexander
    Servetto, Marco
    Potanin, Alex
    Schaefer, Ina
    SOFTWARE ENGINEERING AND FORMAL METHODS, SEFM 2022, 2022, 13550 : 209 - 226
  • [9] Managing object evolution in object-oriented information systems
    Hammoudi, S
    Pinto, CS
    WORLD MULTICONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL 1, PROCEEDINGS: ISAS '98, 1998, : 452 - 459
  • [10] A logic for information flow in object-oriented programs
    Amtoft, T
    Bandhakavi, S
    Banerjee, A
    ACM SIGPLAN NOTICES, 2006, 41 (01) : 91 - 102