Purpose-Oriented Access Control Model in Object-Based Systems

Distributed applications are modelled in an object-based model like CORBA. Here, the system is a collection of objects. The objects are manipulated only through operations supported by themselves. The purpose-oriented model is proposed where an access rule shows for what each subject s manipulates an object o by an operation t of o so as to keep the information flow legal. The purpose of s to access o by t is modelled to be what operation u of s invokes t to manipulate o. That is, the purpose-oriented access rule is specified in the form (s:u, o:t). In the object-based system, on receipt of a request op from an object o/sub 1/, an object o/sub 2/ computes op and then sends back the response of op to o/sub 1/. Here, if the request and the response carry data, the data in o/sub 1/ and o/sub 2/ is exchanged among o/sub 1/ and o/sub 2/. Furthermore, the operations are nested in the object-based system. Even if each purpose-oriented rule between a pair of objects satisfies the information flow relation, some data in one object may illegally flow to another object through the nested invocation of operations. In this paper, we discuss what information flow is legal in the nested invocations in the purpose-oriented model of the object-based system.

[1]  K J Biba,et al.  Integrity Considerations for Secure Computer Systems , 1977 .

[2]  Silvana Castano,et al.  Database Security , 1997, IFIP Advances in Information and Communication Technology.

[3]  Elisa Bertino,et al.  High assurance discretionary access control for object bases , 1993, CCS '93.

[4]  Makoto Takizawa,et al.  Secure group communication protocol for distributed systems , 1993, Proceedings of 1993 IEEE 17th International Computer Software and Applications Conference COMPSAC '93.

[5]  David A. Bell,et al.  Secure computer systems: mathematical foundations and model , 1973 .

[6]  Roy T. Fielding,et al.  Hypertext Transfer Protocol - HTTP/1.1 , 1997, RFC.

[7]  Ravi S. Sandhu,et al.  Lattice-based access control models , 1993, Computer.

[8]  A Min Tjoa,et al.  BRANT - An Approach for Knowledge Based Document Classification in the Information Retrieval Domain , 1992, DEXA.

[9]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[10]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.