Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10] [ 11] [ 12] [ 13] [ 14] [ 15] [ 16] [ 17] [ 18] [ 19]

@

Journal of Information Science and Engineering, Vol. 23 No. 3, pp. 949-961 (May 2007)

Managing User Associations and the Factors of Laws and Cultures in an Information Flow Control Model for Object-Oriented Systems

Shih-Chien Chou
Department of Computer Science and Information Engineering
National Dong Hwa University
Hualien, 974 Taiwan
E-mail: scchou@mail.ndhu.edu.tw

Users who play roles in an executing application may be in different security levels. In the application, information in high security levels should not be leaked to users in low security levels. To prevent information leakage, information flow control models can be used. We developed a series of models for the control, in which new features are added to newer models. This paper presents the newest model we developed, which offers the following two new functions: (1) correcting permissions invalidated by user association change and (2) adapting to different laws and cultures in different locations.

Keywords: information flow control, security, role-based access control (RBAC), prevent information leakage, law and culture management

Full Text () Retrieve PDF document (200705_19.pdf)

Received August 22, 2002; revised September 14, 2006; accepted January 23, 2007.
Communicated by Tsan-sheng Hsu.