Embedding role-based access control model in object-oriented systems to protect privacy
Journal of Systems and Software
Providing flexible access control to an information flow control model
Journal of Systems and Software
An agent-based inter-application information flow control model
Journal of Systems and Software - Special issue: Software engineering education and training
An information flow control model for C applications based on access control lists
Journal of Systems and Software
Managing role relationships in an information flow control model
Journal of Systems and Software
Towards defining semantic foundations for purpose-based privacy policies
Proceedings of the first ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
Abstract: In distributed applications, multiple objects cooperate to achieve some objectives. Each object is manipulated through an operation supported by the object and then the operation may further invoke operations of other objects, i.e. nested operations. Purpose-oriented access rules indicate what operation in each object can invoke operations of other objects. Information flow among the objects occurs if the requests and responses of the operations carry data. Only the purpose-oriented access rules which imply legal information flow are allowed. In this paper, we discuss how to specify the access rules so that the information flow occurring in the nested invocation of the operations is legal.