Synchronization of Transactions to Prevent Illegal Information Flow in a Role-Based Access Control Model
T. Enokido, M. Takizawa. 22nd International Conference on Advanced Information Networking and Applications (AINA 2008), published 2008-03-25. DOI: 10.1109/AINA.2008.145 (https://doi.org/10.1109/AINA.2008.145)
The role-based access control (RBAC) model is widely used to make information systems secure. Even if every access request is authorized in the roles, illegal information flow might occur, as in the well-known confinement problem. In this paper, we discuss how to prevent illegal information flow from occurring by synchronizing conflicting transactions in the RBAC model. We first define types of information flow relations, legal (LIF), illegal (IIF), and possibly illegal (PIF) ones, R1 = R2, R1 → R2, and R1 → R2, among a pair of role families R1 and R2, respectively. Here, let T1 and T2 be a pair of transactions with role families R1 and R2, respectively. Suppose T1 precedes T2 in a schedule, i.e. for every pair of conflicting methods op1 and op2 from T1 and T2, respectively, op1 is performed prior to op2. Here, if the LIF relation R1 = R2 holds, no illegal information flow occurs. If the IIF relation R1 → R2 holds, illegal information flow necessarily occurs. The PIF relation R1 → R2 implies that illegal information flow might occur, depending on the order in which the transactions perform which methods.