Abstract
One of the main features of information flow control is to ensure the enforcement of privacy, secrecy, and confidentiality. However, most information flow models that have been proposed are too restrictive, overprotected, and inflexible. This paper presents an approach to control flow information in object-oriented systems using versions, thus allowing considerable flexibility without compromising system security by disclosing and leaking sensitive information. Models based on message filtering intercept every message exchanged among objects to control the flow of information. Versions are proposed to provide flexibility and avoid unnecessary and undesired able blocking of messages during the filtering process. Two options of operations are supported by versions — cloning reply and non-cloning reply. Furthermore, we present an algorithm en \lambda corresponding author forcing the message filtering through these operations.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abadi M., “Secrecy by Typing in Security Protocols”, In Proceedings Theoretical Aspects of Computer Software: Third International Conference, September 1997.
Denning D.E. and Denning P.J., “Certification of Programs for Secure Information Flow”, Comm. of the ACM, Vol. 20, No. 7, pp. 504–513, 1977.
Denning D.E., “A Lattice Model of Secure Information Flow”, Comm. Of the ACM, Vol. 19, No. 5, pp. 236–243, 1976.
Fellah A., Rahwan I., and Maamir A., “Information Flow Control Using Versions in Object Oriented Systems”, Technical Report (CS–9P), Dept. of Math. & Computer Science, UAE University, Al-Ain, UAE, June 1999.
Ferraiolo D.F., Barkley J.F., and Kuhn D.R., “A Role Based Access Control Model and Reference Implementation within a Corporate Intranet”, ACM Transactions on Information and Systems Security, Vol. 2, No. 1, February, 1999.
Ferraiolo D.F., Gugini J. A., and. Kuhn D.R “Role Based Access Control: Features and Motivations,” In Proceedings 11th Annual Computer Security Applications Conference, New Orleans, LA, December 1995.
Ferrari E., Samarati P., Bertino E., and Jajodia S., “Providing Flexibility in InformationFlow Control for ObjectOriented Systems”, In Proceedings IEEE Symposium on Security and Privacy, pp. 130140, Oakland, CA, USA, May 1997.
Jajodia S. and Kogan B., “Integrating an Object oriented Data Model with Multilevel Security”, In Proc. IEEE Symp. on Security and Privacy, pp. 7685, Oakland, California, 1990.
Myers A.C. and Liskov B., “Complete, Safe Information Flow with Decentralized Labels”, In Proceedings of IEEE S&P′98, Oakland, California, May, 1998.
Myers A. and Liskov B., “A Decentralized Model for Information Flow Control”, In Proc. 17th ACM Symposium on Operating System Principles (SOSP), pp. 129–142, SaintMalo, France, 1997.
Samarati P., Bertino E., Ciampichetti A., and Jajodia S., “Information Flow Control in Object Oriented Systems”, IEEE Trans, on Knowledge and Data Engineering, Vol. 9, No 4, July/August 1997, pp. 524–538.
Sandhu R., “Role Activation Hierarchies”, In Proceedings of 3rd ACM Workshops on Role Based Access Control, Fairfax, Virginia, October 2223, 1998.
Thomas R.K. and Sandhu R., “Implementing the Message Filter ObjectOriented Security Model without Trusted Subjects”, In Proceedings of the IFIP WG11.3 Workshop on Database Security, Vancouver, Canada, August, 19–21, 1992.
Sandhu R, “Role Activation Hierarchies”, In Proceedings of 3rd ACM Workshops on Role Based Access Control, Fairfax, Virginia, October 22–23, 1998.
Sandhu R, Coyne E.J., Feinstein H.L., and Youman C.E., “Role Based Access Control Models”, IEEE Computer, Vol. 29, No. 2, February 1996.
Sandhu R and Samarati P., “Authentication, Access Control, and Audit”, ACM Computing Surveys, Vol. 28, No. 1, March 1996.
Sandhu R., Hal E.J. C, Feinstein L. and Youman C.E., “Role Based Access Control Models”, IEEE Computer, Vol. 29, No. 2, pp. 38–47, February 1996.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer Science+Business Media New York
About this chapter
Cite this chapter
Fellah, A., Rahwan, I., Maamir, A. (2003). Information Flow Control Using Version in Object-Oriented Systems. In: Kent, R.D., Sands, T.W. (eds) High Performance Computing Systems and Applications. The Springer International Series in Engineering and Computer Science, vol 727. Springer, Boston, MA. https://doi.org/10.1007/978-1-4615-0288-3_30
Download citation
DOI: https://doi.org/10.1007/978-1-4615-0288-3_30
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4613-5005-7
Online ISBN: 978-1-4615-0288-3
eBook Packages: Springer Book Archive