TY - GEN
T1 - The Limes Security Model for Information Flow Control
AU - Hermann, Eckehard
PY - 2011
Y1 - 2011
N2 - In the business world, the protection of information and data objects and their well-directed flow is essential for the success of enterprises. The Chinese Wall Security Policy model (CWSP model), defined by Brewer and Nash in [1], provides access control based on the definition of conflict of interest classes. This model addresses the commercial business sector in particular. In their model, Brewer and Nash made the implicit assumption that a conflict of interest is an equivalence relation. Lin [2] presented a modified version of the model called the Aggressive Chinese Wall Security Policy model (ACWSP model). He showed in [5] that the "conflict of interest" is a binary relation, but not, in general, an equivalence relation as Brewer and Nash assumed. Lin observed that the Conflict of Interest relation is symmetric but non-reflexive and non-transitive. In the world of business, symmetric conflict of interest classes are not the default. In this paper a new model is presented that is based on a non-symmetric, non-reflexive and non-transitive conflict of interest relation, where each object is allowed to define its own time-dependent Conflict Function and Conflict Of Interest List. Before a subject is allowed write access to an object, each object that the same subject has previously read must acknowledge that it is free of conflict with the object the subject currently intends to write. Otherwise the write access is denied.
KW - Chinese wall
KW - Information flow control
KW - Security model
KW - Security policy model
KW - Service oriented architecture
UR - http://www.scopus.com/inward/record.url?scp=80455144599&partnerID=8YFLogxK
U2 - 10.1109/ARES.2011.88
DO - 10.1109/ARES.2011.88
M3 - Conference contribution
SN - 9780769544854
T3 - Proceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011
SP - 573
EP - 580
BT - Proceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011
PB - IEEE Computer Society Press
T2 - Sixth IEEE International Conference on Availability, Reliability and Security (ARES)
Y2 - 22 August 2011 through 26 August 2011
ER -