Various pieces of personal information are correlated to the My Number program, which establishes national identification numbers that are unique to each citizen and resident of Japan. Hence, its protection is paramount. However, whereas the aim of current security measures is to prevent leaks directly, we must consider the possibility of non-secret information being used to indirectly leak secret information by inference. We studied a hypergraph-based model that is used to prevent the possibility of information leaks by inference. Only reading operations are considered in our previous works. However, writing operations have to be considered. We propose covert channel analysis models with inference rules and reading and writing operations. In addition, management mechanisms for the history of accesses to objects by users are required to analysis the satisfaction of the inference rules. If the history of accesses are altered, the information leakages by the inference attack are occurred. In our research, a block chain is used to manage the access log to solve problems mentioned above. Furthermore, we propose a dynamic access control model with access log managed by the blockchain and the inference path detection model.
[1]
Virgil D. Gligor,et al.
A Formal Method for the Identification of Covert Storage Channels in Source Code
,
1987,
1987 IEEE Symposium on Security and Privacy.
[2]
Ryo Suzuki,et al.
A Hypergraph-Based Model against Information Leakage by Inference
,
2012
.
[3]
Vitaly I. Voloshin,et al.
Colouring Planar Mixed Hypergraphs
,
2000,
Electron. J. Comb..
[4]
Kinoshita Hirotsugu,et al.
Multiagent System Based on Genetic Access Matrix Analysis
,
2012
.
[5]
Miyata Sumiko,et al.
Access Control Model for the My Number National Identification Program in Japan
,
2014,
COMPSAC 2014.
[6]
Chris Clifton,et al.
Privacy Preserving Data Mining (Advances in Information Security)
,
2005
.
[7]
Jens Vygen,et al.
The Book Review Column1
,
2020,
SIGACT News.