By Topic

The Limes Security Model for Information Flow Control

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Hermann, E. ; Dept. of Secure Inf. Syst., Upper Austria Univ. of Appl. Sci., Linz, Austria

In the business world, the protection of information and data objects and their well-directed flow is essential for the success of enterprises. The Chinese Wall Security Policy model (CWSP model), defined by Brewer and Nash in, provides access control based on the definition of conflict of interest classes. This model addresses in particular the commercial business sector. In their model Brewer and Nash made the implicit assumption that a conflict of interest is an equivalence relation. Lin presented a modified version of the model called the Aggressive Chinese Wall Security Policy model (ACWSP model). He showed in that the "conflict of interest" is a binary relation, but not, in general, an equivalence relation like Brewer and Nash assumed. Lin observed that the Conflict of Interest relation is symmetric but non-reflexive and non-transitive. In the world of business, symmetric conflict of interest classes are not the default. In this paper a new model is presented that is based on a non-symmetric, non-reflexive and non-transitive conflict of interest relation, where each object is allowed to define its own time dependent Conflict Function and Conflict Of Interest List. Before a subject is allowed to do a write access to an object, each object that has been read accessed by the same subject before has to acknowledge that it is free of conflict with the object the subject intends to write access currently. Otherwise the write access is denied.

Published in:

Availability, Reliability and Security (ARES), 2011 Sixth International Conference on

Date of Conference:

22-26 Aug. 2011