The Limes Security Model for Information Flow Control

Abstract

In the business world, the protection of information and data objects and their well-directed flow is essential for the success of enterprises. The Chinese Wall Security Policy model (CWSP model), defined by Brewer and Nash in, provides access control based on the definition of conflict of interest classes. This model addresses in particular the commercial business sector. In their model Brewer and Nash made the implicit assumption that a conflict of interest is an equivalence relation. Lin presented a modified version of the model called the Aggressive Chinese Wall Security Policy model (ACWSP model). He showed in that the "conflict of interest" is a binary relation, but not, in general, an equivalence relation like Brewer and Nash assumed. Lin observed that the Conflict of Interest relation is symmetric but non-reflexive and non-transitive. In the world of business, symmetric conflict of interest classes are not the default. In this paper a new model is presented that is based on a non-symmetric, non-reflexive and non-transitive conflict of interest relation, where each object is allowed to define its own time dependent Conflict Function and Conflict Of Interest List. Before a subject is allowed to do a write access to an object, each object that has been read accessed by the same subject before has to acknowledge that it is free of conflict with the object the subject intends to write access currently. Otherwise the write access is denied.