Granular computing and flow analysis on discretionary access control: solving the propagation problem

Authors:
Tsau Young Lin;Jene Pan
Affiliations:
Department of Computer Science, San Jose State University, San Jose, CA;Department of Computer Science, San Jose State University, San Jose, CA
Venue:
SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics
Year:
2009

Citing 17
Cited 1

On conflicts

International Journal of Man-Machine Studies
A user-role based data security approach

on Database Security: Status and Prospects
Advances in computer system security

Advances in computer system security
Lattice-based enforcement of Chinese Walls

Computers and Security
Role-Based Access Control Models

Computer
How to do discretionary access control using roles

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Neighborhood systems and relational databases

CSC '88 Proceedings of the 1988 ACM sixteenth annual conference on Computer science
Towards a definitive paradigm for security in object-oriented systems and applications

Journal of Computer Security - Special issue on database security
Configuring role-based access control to enforce mandatory and discretionary access control policies

ACM Transactions on Information and System Security (TISSEC)
A lattice model of secure information flow

Communications of the ACM
A formal system for information retrieval from files

Communications of the ACM
Canonical structure in attribute based file organization

Communications of the ACM
Lattice-Based Access Control Models

Computer
Attribute Based Data Model and Polyinstantiation

Proceedings of the IFIP 12th World Computer Congress on Education and Society - Information Processing '92 - Volume 2 - Volume 2
Chinese Wall Security Model and Conflict Analysis

COMPSAC '00 24th International Computer Software and Applications Conference
Granular Computing on Binary Relations

TSCTC '02 Proceedings of the Third International Conference on Rough Sets and Current Trends in Computing
Some reflections on information granulation and its centrality in granular computing, computing with words, the computational theory of perceptions and precisiated natural language

Data mining, rough sets and granular computing

Unifying Rough Set Theories via Large Scaled Granular Computing

Fundamenta Informaticae - To Andrzej Skowron on His 70th Birthday

Quantified Score

Hi-index	0.00

Visualization

Abstract

Based on granular computing, information flows in Discretionary Access Control (DAC) are examined. DAC are classified in the following nested order: From general to specific, binary neighborhood systems(binary relations), topological spaces (reflexive and transitive relations) and clopen spaces (equivalence relations) in geometric (algebraic) terms. In security terms, the two smaller classes meet information flow security and Chinese wall security policy in respective order. Roughly, information flow security policy (IFSP) means any data can never flow or propagate into the enemy hands of the initial owner. Chinese wall security policy is IFSP, in which enemy is a symmetric relation.