Loading…
Providing flexible access control to an information flow control model
Protecting privacy within an application is essential. Many information flow control models have been developed for that protection. We developed an information flow control model based on role-based access control (RBAC) for object-oriented systems, which is called OORBAC (object-oriented role-base...
Saved in:
Published in: | The Journal of systems and software 2004-11, Vol.73 (3), p.425-439 |
---|---|
Main Author: | |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Protecting privacy within an application is essential. Many information flow control models have been developed for that protection. We developed an information flow control model based on role-based access control (RBAC) for object-oriented systems, which is called OORBAC (object-oriented role-based access control). According to the experiences of using OORBAC, we found that a model allowing every secure information flow and blocking every non-secure flow is too restricted. We propose that the following flexible access control features should be offered: (a) non-secure but harmless information flows should be allowed and (b) secure but harmful information flows should be blocked. According to our survey, no existing model offers the above control. We thus revised OORBAC to offer the control. The revised OORBAC have been implemented and evaluated. This paper presents flexible access control in the revised OORBAC and the evaluation result. |
---|---|
ISSN: | 0164-1212 1873-1228 |
DOI: | 10.1016/j.jss.2003.08.235 |