Multilevel security in the UNIX tradition
Software—Practice & Experience
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
Exception-based information flow control in object-oriented systems
ACM Transactions on Information and System Security (TISSEC)
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Learning Java
IEEE Internet Computing
Lattice-Based Access Control Models
Computer
Information Flow Control in Object-Oriented Systems
IEEE Transactions on Knowledge and Data Engineering
Information Flow in a Purpose-Oriented Access Control Model
ICPADS '97 Proceedings of the 1997 International Conference on Parallel and Distributed Systems
Information Flow Control among Objects: Taking Foreign Objects into Control
HICSS '03 Proceedings of the 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9 - Volume 9
A Purpose-Oriented Access Control Model
ICOIN '98 Proceedings of the 13th International Conference on Information Networking
Information Flow Control in Role-Based Model for Distributed Objects
ICPADS '01 Proceedings of the Eighth International Conference on Parallel and Distributed Systems
Providing flexibility in information flow control for object oriented systems
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Embedding role-based access control model in object-oriented systems to protect privacy
Journal of Systems and Software
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
Access control in an application prevents information leakage in the application. The prevention can be achieved by controlling information flows. Many information flow control models have been developed. Since applications may cooperate, controlling information flows among cooperating applications is necessary. Our survey reveals that no existing model offers the control. We thus developed a model to control information flows among cooperating object-oriented applications. In designing the model, we require that cooperating applications communicate with one another through JAVA RMI (remote method invocation). Our model is based on the following considerations: when a RMI occurs, the security level of an argument should not be higher than that of the parameter receiving the argument's value, and the security level of a variable receiving a method return value should not be lower than that of the method return value. The model is agent-based. Moreover, different applications can embed different information flow control models. With this, the proposed model coordinates heterogeneous information flow control models. This paper presents our inter-application information flow control model.