Sciweavers

ASIAN
2007
Springer

An Integrated Model for Access Control and Information Flow Requirements

14 years 4 months ago
An Integrated Model for Access Control and Information Flow Requirements
Current information systems are more and more complex. They require more interactions between different components and users. So, ensuring system security must not be limited to using an access control model but also, it is primordial to deal with information flows in a system. Thus, an important function of a security policy is to enforce access to different system elements and supervise information flows simultaneously. Several works have been undertaken to join together models of access control and information flow. Unfortunately, beyond the fact that the reference model they use is BLP which is quite rigid, these research works suggest a non integrated models which do nothing but juxtapose access control and information flow controls or are based on a misuse of a mapping between MLS and RBAC models. In this paper, we suggest to formalize DTE model in order to use it as a solution for a flexible information flow control. Then, we integrate it into an unique access control model expr...
Samiha Ayed, Nora Cuppens-Boulahia, Fréd&ea
Added 12 Aug 2010
Updated 12 Aug 2010
Type Conference
Year 2007
Where ASIAN
Authors Samiha Ayed, Nora Cuppens-Boulahia, Frédéric Cuppens
Comments (0)