面向对象系统中信息流控制的细粒度访问权限

A. Maamir, A. Fellah, L.A. Salem
{"title":"面向对象系统中信息流控制的细粒度访问权限","authors":"A. Maamir, A. Fellah, L.A. Salem","doi":"10.1109/ISA.2008.98","DOIUrl":null,"url":null,"abstract":"One of the main features of information flow control is to ensure the enforcement of privacy and regulated accessibility. However, most information flow control models that have been proposed do not provide substantial assurance to enforce end-to-end confidentiality policies or they are too restrictive, overprotected, and inflexible. We present a model for discretionary access controls that is in harmony with the object oriented paradigm. The model uses access rights applied to object attributes and methods, thus allowing considerable flexibility without compromising system security by leaking sensitive information. Models based on message filtering intercept every message exchanged among objects to control the flow of information. We present an algorithm which enforces message filtering based on the defined access rights.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"Fine Granularity Access Rights for Information Flow Control in Object Oriented Systems\",\"authors\":\"A. Maamir, A. Fellah, L.A. Salem\",\"doi\":\"10.1109/ISA.2008.98\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"One of the main features of information flow control is to ensure the enforcement of privacy and regulated accessibility. However, most information flow control models that have been proposed do not provide substantial assurance to enforce end-to-end confidentiality policies or they are too restrictive, overprotected, and inflexible. We present a model for discretionary access controls that is in harmony with the object oriented paradigm. The model uses access rights applied to object attributes and methods, thus allowing considerable flexibility without compromising system security by leaking sensitive information. Models based on message filtering intercept every message exchanged among objects to control the flow of information. We present an algorithm which enforces message filtering based on the defined access rights.\",\"PeriodicalId\":212375,\"journal\":{\"name\":\"2008 International Conference on Information Security and Assurance (isa 2008)\",\"volume\":\"3 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-04-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 International Conference on Information Security and Assurance (isa 2008)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISA.2008.98\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 International Conference on Information Security and Assurance (isa 2008)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISA.2008.98","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 8

摘要

信息流控制的主要特征之一是确保隐私和可访问性的执行。然而,已经提出的大多数信息流控制模型并没有提供实质性的保证来强制执行端到端的机密性策略,或者它们过于限制、过度保护和不灵活。我们提出了一个与面向对象范例相协调的自由访问控制模型。该模型使用应用于对象属性和方法的访问权限,从而允许相当大的灵活性,而不会因泄露敏感信息而损害系统安全性。基于消息过滤的模型拦截对象之间交换的每条消息,以控制信息流。提出了一种基于定义的访问权限进行消息过滤的算法。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Fine Granularity Access Rights for Information Flow Control in Object Oriented Systems
One of the main features of information flow control is to ensure the enforcement of privacy and regulated accessibility. However, most information flow control models that have been proposed do not provide substantial assurance to enforce end-to-end confidentiality policies or they are too restrictive, overprotected, and inflexible. We present a model for discretionary access controls that is in harmony with the object oriented paradigm. The model uses access rights applied to object attributes and methods, thus allowing considerable flexibility without compromising system security by leaking sensitive information. Models based on message filtering intercept every message exchanged among objects to control the flow of information. We present an algorithm which enforces message filtering based on the defined access rights.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
A New Electronic Communication Technology - VT Position Code Communication Technology and Its Implementation CRYPTEX Model for Software Source Code The Economics of Privacy-Privacy: People, Policy and Technology Why MSN Lost to QQ in China Market? Different Privacy Protection Design Maximizing Return on Security Safeguard Investment with Constraint Satisfaction
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1