Information flow in a purpose-oriented access control model

Author

Yasuda, Masashi ; Tachikawa, Takayuki ; Takizawa, Makoto

Author_Institution

Dept. of Comput. & Syst. Eng., Tokyo Denki Univ., Japan

fYear

1997

fDate

10-13 Dec 1997

Firstpage

244

Lastpage

249

Abstract

In distributed applications, a group of multiple objects are cooperating to achieve some objectives. An object is modeled as a pair of data structures and operations. Each object is manipulated through an operation supported by the object and then the operation may further invoke operations of other objects, i.e., nested operations. The purpose-oriented access rules indicate which operation on each object can invoke operations of other objects. The information flow among the objects occur if the requests and responses of the operations carry some data. Only the purpose-oriented access rules which imply the legal information flow are allowed. We discuss how to test the access rules if the information flow occurring in the nested invocation of the operations is legal

Keywords

authorisation; client-server systems; distributed processing; flow graphs; object-oriented methods; security of data; client server systems; data structures; distributed applications; flow graph; information flow; legal information flow; multiple object cooperation; nested invocation; nested operations; object oriented method; purpose-oriented access control model; Access control; Application software; Client-server systems; Data structures; Distributed computing; Information security; Law; Legal factors; System testing; Systems engineering and theory;

fLanguage

English

Publisher

ieee

Conference_Titel

Parallel and Distributed Systems, 1997. Proceedings., 1997 International Conference on

Conference_Location

Seoul

Print_ISBN

0-8186-8227-2

Type

conf

DOI

10.1109/ICPADS.1997.652557

Filename

652557