The alternating fixpoint of logic programs with negation
PODS '89 Proceedings of the eighth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
High assurance discretionary access control for object bases
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Stable and extension class theory for logic programs and default logics
Journal of Automated Reasoning
A behavioral notion of subtyping
ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-Based Access Control Models
Computer
IEEE Transactions on Software Engineering
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
Certification of programs for secure information flow
Communications of the ACM
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Information flow analysis of an RBAC system
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Information Flow Control in Object-Oriented Systems
IEEE Transactions on Knowledge and Data Engineering
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Information Flow in a Purpose-Oriented Access Control Model
ICPADS '97 Proceedings of the 1997 International Conference on Parallel and Distributed Systems
Information Flow Control in Role-Based Model for Distributed Objects
ICPADS '01 Proceedings of the Eighth International Conference on Parallel and Distributed Systems
Providing flexibility in information flow control for object oriented systems
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Security policies for downgrading
Proceedings of the 11th ACM conference on Computer and communications security
Maintaining privacy on derived objects
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
Access control is a crucial concern to build secure IT systems and, more specifically, to protect the confidentiality of information. However, access control is necessary, but not sufficient. Actually, IT systems can manipulate data to provide services to users. The results of a data processing may disclose information concerning the objects used in the data processing itself. Therefore, the control of information flow results fundamental to guarantee data protection. In the last years many information flow control models have been proposed. However, these frameworks mainly focus on the detection and prevention of improper information leaks and do not provide support for the dynamical creation of new objects. In this paper we extend our previous work to automatically support the dynamical creation of objects by verifying the conditions under which objects can be created and automatically associating an access control policy to them. Moreover, our proposal includes mechanisms tailored to control the usage of information once it has been accessed.