
Journal of Information Science and Engineering, Vol. 23 No. 2, pp. 479-496 (March 2007)

An Information Flow Control Model for Both Object-Oriented and Non-Object-Oriented Systems

Shih-Chien Chou and Chia-Wei Lai
Department of Computer Science and Information Engineering
National Dong Hwa University
Hualien, 974 Taiwan
E-mail: scchou@mail.ndhu.edu.tw

Preventing information leakage during system execution is essential for a system that manages sensitive information. The prevention can be achieved through information flow control. Many information flow control models have been developed, most of which are for object-oriented systems. In our opinion, the procedural C language is still heavily used. Therefore, an information flow control model for procedural languages is helpful. We developed a model that can be used in both object-oriented and non-object-oriented systems. This paper proposes the model, which offers the following features: (1) controlling both read and write access, (2) preventing indirect information leakage, (3) detailing the granularity of access control to variables, (4) controlling module call through argument sensitivity, (5) allowing information declassification, (6) controlling information flows among cooperating systems, (7) adapting to dynamic object state change, (8) allowing purpose-oriented method invocation, and (9) avoiding improper function call for non-OO systems.

Keywords: information flow, information flow control, access control list, security, prevent information leakage, object relationship


Received February 23, 2005; revised November 15, 2005 & November 2, 2006; accepted November 23, 2006.
Communicated by Chu-Sing Yang and H. Y. Mark Liao.