Preventing Illegal Information Flow Based on Role-Based Access Control Model
NBiS '08 Proceedings of the 2nd international conference on Network-Based Information Systems
A purpose-based synchronisation protocol of multiple transactions in multi-agent systems
International Journal of Business Intelligence and Data Mining
A legal information flow (LIF) scheduler based on role-based access control model
Computer Standards & Interfaces
Role-based scheduling and synchronization algorithms to prevent illegal information flow
NBiS'07 Proceedings of the 1st international conference on Network-based information systems
Hi-index | 0.00 |
In information systems, multiple transactions issued by subjects manipulate objects in a conflicting way. Conflicting access requests from multiple transactions have to be serialized. There are various ways to order multiple access requests like FIFO and timestamp ordering (TO) schemes. In scheduling ways in operating systems and others, highly prioritized processes are performed before lower ones. In this paper, we postulate that an access request from a more significant subject should be performed prior to another access request from a less significant subject. We define the significancy of subjects in terms of roles assigned to subjects and authorization of roles. In the role-based access control model, a role is a set of access rights. Only a subject granted a role can issue an access request in the role. Here, there are two views, subjectoriented (SO) and purpose-oriented (PO) to order transactions. A method issued by a more significant subject should be performed before another conflicting method issued by a less significant subject in the SO view. A transaction issued by a subject is associated with a purpose, i.e. a subset of roles granted to the subject. A method with a more significant purpose should be performed before another method with a less significant purpose in the PO view. In this paper, we discuss how conflicting methods are ordered in a unique SO and PO (SPO) view.