Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10] [ 11] [ 12] [ 13]


Journal of Information Science and Engineering, Vol. 22 No. 1, pp. 49-61 (January 2006)

An Approach to XML-Based Administration and Secure Information Flow Analysis on an Object Oriented Role-Based Access Control Model

Cungang Yang and Chang N. Zhang*
Department of Electrical and Computer Engineering
Ryerson University
Toronto, Ontario, M5B 2K3, Canada
*Department of Computer Science
University of Regina
Regina, Saskatchewan, S4S 0A2, Canada

In this paper, a practical method that can be employed to manage security policies using the eXtensible Markup Language (XML) is presented. The method efficiently administrates security policies based on the object oriented role-based access control model (ORBAC). Moreover, an information flow analysis technique is introduced for checking whether or not a created XML-based ORBAC security policy satisfies the Mandatory Access Control (MAC) security principles.

Keywords: information flow, object oriented role-based access control model (ORBAC), XML, MAC, confinement problem

Full Text () Retrieve PDF document (200601_04.pdf)

Received November 11, 2002; revised April 25, 2005; accepted August 31, 2005.
Communicated by Randy Y. C. Chow.