Concurrency control and recovery in database systems
Concurrency control and recovery in database systems
High assurance discretionary access control for object bases
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Role-Based Access Control Models
Computer
A lattice model of secure information flow
Communications of the ACM
The notions of consistency and predicate locks in a database system
Communications of the ACM
Lattice-Based Access Control Models
Computer
A Role-Based Access Control for Intranet Security
IEEE Internet Computing
Notes on Data Base Operating Systems
Operating Systems, An Advanced Course
Role-Based Access Control
Information Flow Control in Role-Based Model for Distributed Objects
ICPADS '01 Proceedings of the Eighth International Conference on Parallel and Distributed Systems
Concurrency Control Based-on Significancy on Roles
ICPADS '05 Proceedings of the 11th International Conference on Parallel and Distributed Systems - Volume 01
Role-Based Concurrency Control for Distributed Systems
AINA '06 Proceedings of the 20th International Conference on Advanced Information Networking and Applications - Volume 01
Concurrency Control using Subject- and Purpose-Oriented (SPO) View
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Secure interoperation of identity managements among different circles of trust
Computer Standards & Interfaces
| Hi-index | 0.00 |
Information systems have to be consistent and secure in presence of multiple conflicting transactions. The role-based access control (RBAC) model is widely used to keep information systems consistent and secure. A role shows a job function in an enterprise and is a set of access rights (permissions). Here, a subject s is allowed to issue a method op to an object o only if an access right is included in the roles granted to the subject s. A subject is granted one or more than one role and issues a transaction to multiple objects. The transaction is assigned with some roles of the subject which is referred to as purpose. Even if every access request issued by every subject is authorized in the roles, illegal information flow might occur as well known confinement problem. In this paper, we define a legal information flow (LIF) relation (R"1 @?^IR"2) among a pair of role families R"1 and R"2 to prevent illegal information flow. Here, an LIF relation R"1 @?^IR"2 shows that no illegal information flow occur if a transaction T"1 with a role family R"1 is performed prior to another transaction T"2 with a role family R"2. In addition, it is significant to discuss which transaction to be performed prior to another transaction if the both transactions manipulate the same object in a conflicting way. In this paper, we define a significantly precedent relation R"1 @?^sR"2 among role families R"1 and R"2 which implies that the role family R"2 is more significant than R"1. Suppose a pair of transactions T"1 and T"2 with role families R"1 and R"2 issue conflicting methods op"1 and op"2, respectively, to an object o. If R"1 @?^sR"2, op"2 is performed on the object o prior to op"1. The more significant a transaction is, the more prior it is performed. We discuss a legal information flow (LIF) scheduler to synchronize transactions so as to prevent illegal information flow and to serialize conflicting methods from multiple transactions in terms of significancy and information flow relation of roles families. We evaluate the LIF scheduler in terms of how much illegal information flow can be prevented compared with the other scheduler.