¡@

Preventing information leakage during system execution is essential for a system that manages sensitive information. The prevention can be achieved through information flow control. Many information flow control models have been developed, in which most are for object-oriented systems. In our opinion, the procedural C language is still in used heavily. Therefore, an information flow control model for procedural languages is helpful. We developed a model that can be used in both object-oriented and non-objectoriented systems. This paper proposes the model, which offers the following features: (1) controlling both read and write access, (2) preventing indirect information leakage, (3) detailing the granularity of access control to variables, (4) controlling module call through argument sensitivity, (5) allowing information declassification, (6) controlling information flows among cooperating systems, (7) adapting to dynamic object state change, (8) allowing purpose-oriented method invocation, and (9) avoiding improper function call for non-OO systems.

Keywords: information flow, information flow control, access control list, security, prevent information leakage, object relationship

Retrieve PDF document (200703_08.pdf)

Received February 23, 2005; revised November 15, 2005 & November 2, 2006; accepted November 23, 2006.
Communicated by Chu-Sing Yang and H. Y. Mark Liao.