Managing information flows on discretionary access control models

In 1989, Brewer and Nash (BN) presented a fascinating idea, called the Chinese wall security policy model, for commercial security. Their idea was based on an analysis of the notion of a conflict of interest binary relation (CIR). Unfortunately, their formalization did not fully capture the appropriate properties of CIR. In this paper, we present a theory based on granulation that captures the essence of BN's intuitive idea. The results go beyond Chinese wall models: malicious Trojan horses in certain discretionary access control (DAC) models can be controlled or confined.
