By Topic

Synchronization of Transactions to Prevent Illegal Information Flow in a Role-Based Access Control Model

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Enokido, T. ; Rissho Univ., Tokyo ; Takizawa, M.

The role-based access control (RBAC) model is widely used to make information systems secure. Even if every access request is authorized in the roles, illegal information flow might occur as the well known confinement problem. In this paper, we discuss how to prevent illegal information flow to occur by synchronizing conflicting transactions in the RBAC model. We first define types of information flow relations, legal (LIF), illegal (IIF), and possibly illegal (PIF) ones R1 = R2, R1 rarr R2, and R1 rarr R2 among a pair of role families R and Ri, respectively. Here, let T1 and T2 be a pair of transactions with role families R1 and R2 respectively. Suppose T1 precedes T2 in a schedule, i.e. for every pair of conflicting methods op and opi from T andT% respectively, op is performed prior to op2- Here, if the LIF relation R1 = R2 holds, no illegal information flow occur. If R1 rarr R2, illegal information flow necessarily occur. R1 rarr R2 implies that illegal information flow might occur depending on in which order the transactions perform what methods.

Published in:

Advanced Information Networking and Applications, 2008. AINA 2008. 22nd International Conference on

Date of Conference:

25-28 March 2008