The role-based access control model is widely used to keep information systems secure. Here, a subject s is allowed to issue a method op to an object o only if an access right (o, op) is included in the roles granted to the subject s. Even if every access request is authorized by the roles, illegal information flow might still occur, as in the well-known confinement problem. A legal information flow relation (R1 lesI R2) between a pair of role families R1 and R2 shows that no illegal information flow occurs if a transaction T1 with a role family R1 is performed prior to another transaction T2 with R2. In addition, a significantly precedent relation R1 less R2 implies that a role family R2 is more significant than R1. We discuss a legal information flow (LIF) scheduler that synchronizes transactions so as to prevent illegal information flow, and how to serialize conflicting methods from multiple transactions in terms of the significancy and information flow relations of role families. We evaluate the LIF scheduler in terms of how much illegal information flow can be prevented.
Date of Conference: 10-14 Sept. 2007
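
The confinement problem described in the abstract, as an added example that is not code from the paper: every request passes the (o, op) role check, yet data from one object reaches a transaction that has no read right on it, and only when the transactions run in one particular order. The role names, objects and the flow rule (a write carries everything the transaction has read; a flow is illegal when the reader lacks a read right on the source) are assumptions made for illustration, not the paper's definitions or its LIF scheduler.

```python
# Added illustration. Roles, objects and the flow rule are assumptions.
# Constructed roles: each role is a set of access rights (object, method).
ROLES = {
    "clerk":   {("ledger", "read"), ("report", "write")},
    "auditor": {("report", "read")},
    "manager": {("ledger", "read"), ("report", "read")},
}

def authorized(family, obj, op):
    """RBAC check: (o, op) must be in some role of the role family."""
    return any((obj, op) in ROLES[role] for role in family)

def run(schedule):
    """Run transactions in order and return the illegal flows observed.

    schedule: list of (role_family, [(obj, op), ...]).
    Result: list of (role_family_as_sorted_tuple, source_object).
    """
    holds = {}      # object -> source objects whose data it now contains
    illegal = []
    for family, methods in schedule:
        seen = set()    # sources this transaction has read so far
        for obj, op in methods:
            if not authorized(family, obj, op):
                raise PermissionError(f"{sorted(family)} may not {op} {obj}")
            if op == "read":
                sources = {obj} | holds.get(obj, set())
                for src in sorted(sources):
                    # Authorized read of obj, but it carries data of src.
                    if not authorized(family, src, "read"):
                        illegal.append((tuple(sorted(family)), src))
                seen |= sources
            elif op == "write":
                # Assumed conservative rule: a write carries all data read so far.
                holds.setdefault(obj, set()).update(seen)
    return illegal

# Constructed transactions, each with a role family.
T1 = (frozenset({"clerk"}),   [("ledger", "read"), ("report", "write")])
T2 = (frozenset({"auditor"}), [("report", "read")])
T3 = (frozenset({"manager"}), [("report", "read")])

if __name__ == "__main__":
    print("T1 then T2:", run([T1, T2]))  # auditor receives ledger data
    print("T2 then T1:", run([T2, T1]))  # same requests, no illegal flow
    print("T1 then T3:", run([T1, T3]))  # manager may read ledger anyway
```

The same set of authorized requests is safe or unsafe depending only on the order of the transactions, which is the property a scheduler over role families has to decide.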