A model for secure information flow

A model for secure information flow

A model that characterizes systems that restrict information flow is proposed. The model, called the confinement model, provides greater flexibility in the binding of entities to their security classes than the current static case. A consequence of the nature of security class binding in the confine...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: Foley, S.N.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Computer science
Data security
Educational institutions
Information security
Lattices
Upper bound
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A model that characterizes systems that restrict information flow is proposed. The model, called the confinement model, provides greater flexibility in the binding of entities to their security classes than the current static case. A consequence of the nature of security class binding in the confinement model is its ability to enforce nontransitive information-flow policies. A framework of information-flow policies is defined which forms a distributive lattice under operations for policy ordering and combination. It is shown that a state-based MAC (mandatory access) version of the confinement model is the same as a traditional Bell and LaPadula MAC model, except that the confinement model includes a special rule on dynamic class change.< >
DOI:10.1109/SECPRI.1989.36299