TY - GEN
T1 - The Common Limes Security Model for Asset Flow Control in Decentralized, Insecure Systems
AU - Hermann, Eckehard
AU - Grimm, Rüdiger
PY - 2013
Y1 - 2013
N2 - Information and knowledge are assets. Therefore, authorization conflicts about information flow are subject to security concerns. The protection of information flow in a decentralized system is an important security objective in the business world. Once information is given away, there is an asymmetric relationship between the owner and the recipient of the information, because the owner has no control over a proper use or misuse by the recipient. The Common Limes Security Model (the Limes model for short) presented in this paper is a substantial extension of a simple model. It provides provable policies for asset (information) flow control. Rule elements are history and conflict functions maintained by the asset owners and protected by contracts between communication partners. If correctly implemented and enforced the rules of the Limes model guarantee the protection of assets from an unauthorized flow. They allow an information object to stay in a secure state in a decentralized, i.e. in an insecure environment. This paper defines the model and proves the security of its rules.
AB - Information and knowledge are assets. Therefore, authorization conflicts about information flow are subject to security concerns. The protection of information flow in a decentralized system is an important security objective in the business world. Once information is given away, there is an asymmetric relationship between the owner and the recipient of the information, because the owner has no control over a proper use or misuse by the recipient. The Common Limes Security Model (the Limes model for short) presented in this paper is a substantial extension of a simple model. It provides provable policies for asset (information) flow control. Rule elements are history and conflict functions maintained by the asset owners and protected by contracts between communication partners. If correctly implemented and enforced the rules of the Limes model guarantee the protection of assets from an unauthorized flow. They allow an information object to stay in a secure state in a decentralized, i.e. in an insecure environment. This paper defines the model and proves the security of its rules.
KW - Information flow control
KW - Policy enforcement in an open world
KW - Security policy model
UR - http://www.scopus.com/inward/record.url?scp=84892375715&partnerID=8YFLogxK
U2 - 10.1109/ARES.2013.28
DO - 10.1109/ARES.2013.28
M3 - Conference contribution
SN - 9780769550084
T3 - Proceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013
SP - 208
EP - 217
BT - Proceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013
PB - IEEE Computer Society Press
T2 - 2013 International IEEE Conference on Availability, Reliability and Security (ARES)
Y2 - 2 September 2013 through 6 September 2013
ER -