Embedding role-based access control model in object-oriented systems to protect privacy
Journal of Systems and Software
Providing flexible access control to an information flow control model
Journal of Systems and Software
An agent-based inter-application information flow control model
Journal of Systems and Software - Special issue: Software engineering education and training
An information flow control model for C applications based on access control lists
Journal of Systems and Software
Managing role relationships in an information flow control model
Journal of Systems and Software
Hierarchical hippocratic databases with minimal disclosure for virtual organizations
The VLDB Journal — The International Journal on Very Large Data Bases
Optimal Privacy-Aware Path in Hippocratic Databases
DASFAA '09 Proceedings of the 14th International Conference on Database Systems for Advanced Applications
Creating objects in the flexible authorization framework
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, COA, and ODBASE - Volume Part II
Hi-index | 0.00 |
In distributed applications, a group of multiple objects are cooperating to achieve some objectives. An object is modeled as a pair of data structure and operations. Each object is manipulated through an operation supported by the object and then the operation may further invoke operations of other objects, i.e. nested operations. The purpose-oriented access rules indicate what operation in each object can invoke operations of other objects. The information flow among the objects occur if the requests and responses of the operations carry some data. Only the purpose-oriented access rules which imply the legal information flow are allowed. In this paper, we discuss how to test the access rules if the information flow occurring in the nested invocation of the operations is legal.