A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
Database security
Role-Based Access Control Models
Computer
A lattice model of secure information flow
Communications of the ACM
Protection in operating systems
Communications of the ACM
A note on the confinement problem
Communications of the ACM
The Java Language Specification
The Java Language Specification
Lattice-Based Access Control Models
Computer
Information Flow Control in Object-Oriented Systems
IEEE Transactions on Knowledge and Data Engineering
A Role-Based Access Control for Intranet Security
IEEE Internet Computing
ACM SIGOPS Operating Systems Review
Information Flow Control in Role-Based Model for Distributed Objects
ICPADS '01 Proceedings of the Eighth International Conference on Parallel and Distributed Systems
Providing flexibility in information flow control for object oriented systems
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Hi-index | 0.00 |
Various kinds of applications have to be secure in an object-based model. The secure system is required to not only protect objects from illegally manipulated but also prevent illegal information flow among objects. In this paper, we discuss how to resolve illegal information flow among objects in a role-based model. We define safe roles where no illegal information flow occurs. In addition, we discuss how to safely perform transactions with unsafe roles. We discuss an algorithm to check if illegal information flow occurs each time a method is performed.