Journal Article10.1109/69.617048
Information flow control in object-oriented systems
87
TL;DR: The model not only ensures protection against Trojan horses leaking information, but provides the flexibility of discretionary access control at the same time and considers three different interaction modes that are standard interaction modes found in the open distributed processing models.
read more
Abstract: We describe a high assurance discretionary access control model for object oriented systems. The model not only ensures protection against Trojan horses leaking information, but provides the flexibility of discretionary access control at the same time. The basic idea of our approach is to check all information flows among objects in the system in order to block possible illegal flows. An illegal flow arises when information is transmitted from one object to another object in violation of the security policy. The interaction modes among objects are taken into account in determining illegal flows. We consider three different interaction modes that are standard interaction modes found in the open distributed processing models. The paper presents formal definitions and proof of correctness of our flow control algorithm.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Safety checking of machine code
Zhichen Xu,Barton P. Miller,Thomas Reps +2 more
- 01 May 2000
TL;DR: The safety checker was able to either prove that an example met the necessary safety conditions, or identify the places where the safety conditions were violated, and the checking times ranged from less than a second to 14 seconds on an UltraSPARC machine.
Information flow control in role-based model for distributed objects
Keiji Izaki,K. Tanaka,Makoto Takizawa +2 more
- 15 Jun 2001
TL;DR: A role-based access control model in the object-based systems and how to resolveillegal information flow in the roles is discussed and a safe set of roles where no illegal information flow occurs is defined.
59
Access Control in Data Management Systems
TL;DR: This book provides an overview of the various developments in access control for data management systems, by surveying the most relevant proposals and analyzing the benefits and drawbacks of each paradigm in view of the requirements of different application domains.
54
Security Issues in Databases
Sohail Imran,Irfan Hyder +1 more
- 13 Dec 2009
TL;DR: This paper discusses the various security issues in databases and suggests an approach that is useful for the planning of explicit and directive based database security requirements.
46
Exception-based information flow control in object-oriented systems
TL;DR: This work proposes an approach to control unsafe flows and presents an algorithm to enforce it, formally characterize information transmission and flow in a transaction and define the conditions for safe information flow.
40
References
Secure Computer System: Unified Exposition and Multics Interpretation
D. Elliott Bell,Leonard J. La Padula +1 more
- 01 Mar 1976
TL;DR: A suggestive interpretation of the model in the context of Multics and a discussion of several other important topics (such as communications paths, sabotage and integrity) conclude the report.
A lattice model of secure information flow
TL;DR: The model provides a unifying view of all systems that restrict information flow, enables a classification of them according to security objectives, and suggests some new approaches to formulating the requirements of secure information flow among security classes.
Beyond the pale of MAC and DAC-defining new forms of access control
C.J. McCollum,J.R. Messing,L. Notargiacomo +2 more
- 07 May 1990
TL;DR: Two new forms of access controls to respond to DoD/intelligence data protection requirements that cannot be handled through traditional mandatory (MAC) or discretionary (DAC) access controls are proposed, and an informal model is presented that provides a common framework for representing both.
155
•Book
Object Data Management: Object-Oriented and Extended
R. G. G. Cattell
- 01 Oct 1994
TL;DR: Any database system user interested in the latest technologies, particularly users with large amounts of complex data to manage, as well as students, designers, and implementors of much systems, will find this book packed with useful information for their particular needs.
96
Primitive Models for Computer Security
K. G. Walter,W. F. Ogden,W. C. Rounds,Franklyn T. Bradshaw,S. R. Ames +4 more
- 23 Jan 1974
TL;DR: This model is used to develop a model of security for computer systems which have directory structured file systems and is presented as a mathematical model which specifies the security constraints applicable toComputer systems which simultaneously handle data of different sensitivity levels.
40