Abstract | ||
---|---|---|
Information Flow Control (IFC) is a method of enforcing confidentiality by using labels, data structures for specifying security classifications. IFC is used in programming languages to monitor procedures in an attempt to detect and prevent information leakage. While it ensures greater security, IFC excessively restricts flow of information. This paper presents a model of information flow control using semi-discretionary label structures. We propose a set of rules that not only increases the flexibility of IFC but also defines labels as a practical component of a security system. We propose a dynamic approach using a centralized model for dynamic label checking and verify the proposed model using theoretical proofs. |
Year | DOI | Venue |
---|---|---|
2006 | 10.4018/jwsr.2006010101 | INTERNATIONAL JOURNAL OF WEB SERVICES RESEARCH |
Keywords | Field | DocType |
data security, declassification, information flow control, security labels | Data structure,Data mining,Information flow (information theory),Data security,Information leakage,Computer science,Declassification,Security service,Web service,Computer security model | Journal |
Volume | Issue | ISSN |
3 | 1 | 1545-7362 |
Citations | PageRank | References |
10 | 0.69 | 0 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Zahir Tari | 1 | 2409 | 368.61 |
Peter Bertók | 2 | 158 | 35.62 |
D. Simic | 3 | 15 | 1.79 |