Providing flexibility in information flow control for object oriented systems

Oakland, CA May 04-May 07

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/SECPRI.1997.601328

1997 IEEE Symposium on Security and P ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by E. Ferrari Articles by P. Samarati Articles by E. Bertino Articles by S. Jajodia

	ASCII Text	x
	E. Ferrari, P. Samarati, E. Bertino, S. Jajodia, "Providing flexibility in information flow control for object oriented systems," Security and Privacy, IEEE Symposium on, pp. 0130, 1997 IEEE Symposium on Security and Privacy, 1997.

	BibTex	x
	@article{ 10.1109/SECPRI.1997.601328, author = {E. Ferrari and P. Samarati and E. Bertino and S. Jajodia}, title = {Providing flexibility in information flow control for object oriented systems}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {1997}, issn = {1540-7993}, pages = {0130}, doi = {http://doi.ieeecomputersociety.org/10.1109/SECPRI.1997.601328}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - Providing flexibility in information flow control for object oriented systems SN - 1540-7993 SP EP A1 - E. Ferrari, A1 - P. Samarati, A1 - E. Bertino, A1 - S. Jajodia, PY - 1997 KW - object-oriented programming; information flow control flexibility; object oriented systems; authorizations; exception specification; waivers; invoke-waivers; reply-waivers; information transmission; transaction; interaction modes; security specifications; safe information flows; access control VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

E. Ferrari, Dipartimento di Sci. dell'Inf., Milan Univ., Italy

P. Samarati, Dipartimento di Sci. dell'Inf., Milan Univ., Italy

E. Bertino, Dipartimento di Sci. dell'Inf., Milan Univ., Italy

S. Jajodia, Dipartimento di Sci. dell'Inf., Milan Univ., Italy

Abstract: This paper presents an approach to control information flow in object-oriented systems that takes into account, besides authorizations on objects, also how the information has been obtained and/or transmitted. These aspects are considered by allowing exceptions to the restrictions stated by the authorizations. Exceptions are specified by means of waivers associated with methods. Two kinds of waivers are supported: invoke-waivers, specifying exceptions applicable during a method's execution, and reply-waivers, specifying exceptions applicable to the information returned by a method. Information flowing from one object into another object is subject to the different waivers of the methods enforcing the transmission. We formally characterize information transmission and flow in a transaction taking into consideration different interaction modes among objects. We then define security specifications, meaning authorizations and waivers, and characterize safe information flows. We formally define conditions whose satisfaction ensures absence of unsafe flows and present an algorithm enforcing these conditions.

Index Terms:

object-oriented programming; information flow control flexibility; object oriented systems; authorizations; exception specification; waivers; invoke-waivers; reply-waivers; information transmission; transaction; interaction modes; security specifications; safe information flows; access control

Citation:

E. Ferrari, P. Samarati, E. Bertino, S. Jajodia, "Providing flexibility in information flow control for object oriented systems," sp, pp.0130, 1997 IEEE Symposium on Security and Privacy, 1997

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.