Title :
Granular computing and flow analysis on discretionary access control: Solving the propagation problem
Author :
Lin, Tsau Young ; Pan, Jene
Author_Institution :
Dept. of Comput. Sci., San Jose State Univ., San Jose, CA, USA
Abstract :
Based on granular computing, information flows in Discretionary Access Control (DAC) are examined. DAC are classified in the following nested order: From general to specific, binary neighborhood systems(binary relations), topological spaces (reflexive and transitive relations) and clopen spaces (equivalence relations) in geometric (algebraic) terms. In security terms, the two smaller classes meet information flow security and Chinese wall security policy in respective order. Roughly, information flow security policy (IFSP) means any data can never flow or propagate into the enemy hands of the initial owner. Chinese wall security policy is IFSP, in which enemy is a symmetric relation.
Keywords :
authorisation; binary neighborhood systems; clopen spaces; discretionary access control; equivalence relations; flow analysis; granular computing; information flow security policy; reflexive relations; topological spaces; transitive relations; Access control; Computer science; Cybernetics; Data security; Information security; Internet; Permission; Postal services; Protection; USA Councils; component; formatting; insert (key words); style; styling;
Conference_Titel :
Systems, Man and Cybernetics, 2009. SMC 2009. IEEE International Conference on
Conference_Location :
San Antonio, TX
Print_ISBN :
978-1-4244-2793-2
Electronic_ISBN :
1062-922X
DOI :
10.1109/ICSMC.2009.5345955
