A read-write abortion protocol to prevent illegal information flow in role-based access control systems

Abstract

In information systems, a transaction may illegally read data stored in an object which the transaction is not allowed to read is stored in the object. A transaction illegally writes data to an object after issuing illegal read. A transaction suspiciously reads data in a suspicious object whose data is not allowed to flow to some object. A transaction impossibly writes data to an object after issuing suspicious read. In our previous studies, the write-abortion (WA) role-based synchronisation (RBS) and object-based synchronisation (OBS) protocols are proposed where a transaction illegally or impossibly writes data to objects is aborted. In this paper, we newly propose a pair of read-write-abortion (RWA) RBS and OBS protocols where a transaction is aborted only if the transaction issues an illegal read or impossible write to an object. In the evaluation, the execution time of each transaction in RWA protocols is shorter than the WA protocols.