论文信息 - A Transaction-Based Purpose-Oriented Access Control Model for Information Flow Management

A Transaction-Based Purpose-Oriented Access Control Model for Information Flow Management

Distributed applications are realized by cooperation of multiple objects. Each object is manipulated through a method supported by the object and then the method may further invoke methods of other objects. Purpose-oriented access rules indicate what methods in objects can invoke methods of other objects. Information flow among the objects occurs if the requests and responses of the methods carry data. The information flow depends on an invocation sequence of methods. We discuss how the invocation sequence of methods influences the information flow.

Hiroaki Higaki | Masashi Yasuda | Makoto Takizawa | T. Ishida

[1] Butler W. Lampson,et al. A note on the confinement problem , 1973, CACM.

[2] Ravi S. Sandhu,et al. Lattice-based access control models , 1993, Computer.

[3] Roy T. Fielding,et al. Hypertext Transfer Protocol - HTTP/1.0 , 1996, RFC.

[4] Dorothy E. Denning,et al. A lattice model of secure information flow , 1976, CACM.

[5] David A. Bell,et al. Secure computer systems: mathematical foundations and model , 1973 .

[6] Makoto Takizawa,et al. Purpose-Oriented Access Control Model in Object-Based Systems , 1997, ACISP.

[7] Zahir Tari,et al. A Role-Based Access Control for Intranet Security , 1997, IEEE Internet Comput..

[8] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.

[9] Hiroaki Higaki,et al. A purpose-oriented access control model for information flow management , 1998 .