Discretionary Information Flow Control for Interaction-Oriented Specifications
Authors
Abstract
This paper presents an approach to specify and check discretionary information flow properties of concurrent systems. The approach is inspired by the success of the interaction-oriented paradigm for concurrent systems (cf. choreographies, behavioural types, protocols, ...) in providing behavioural guarantees of global properties such as deadlock absence. We show how some information flow properties are easier to formalise and check on a global interaction-oriented description of a concurrent system than on a local process-oriented description of the components of the system. We use a simple choreography description language adapted from the literature on choreographies and session types. We provide a generic method to instrument the semantics with information flow annotations. Policies are used to specify the admissible flows of information. The main contribution of the paper is a sound type system for statically checking whether a system specification ensures an information flow policy. The approach is illustrated with two archetypal examples of distributed and parallel computing systems: a protocol for an identity-secured data-providing service and a parallel MapReduce computation.
Similar references
Using Recommenders for Discretionary Access Control
Enterprises increasingly subscribe to Software as a Service (SaaS) applications for collaboration. In the past, enterprise organizational boundaries have been key to the controls on sharing, providing both a social and technical boundary that can slow or stop potentially inappropriate sharing. However, SaaS collaboration technology is often used across enterprise boundaries. One of the key s...
LnRBAC: A Multiple-Levelled Role-Based Access Control Model for Protecting Privacy in Object-Oriented Systems
Role-based access control (RBAC) is useful in information security. It is a super set of discretionary access control (DAC) and mandatory access control (MAC). Since DAC and MAC are useful in information flow control (which protects privacy within an application), RBAC can certainly be used in that control. Our research reveals that different control granularity is needed in different cases whe...
Modernising MAC: New Forms for Mandatory Access Control in an Era of DRM
By its definition “discretionary access control” or “DAC” was not designed or intended for use in the untrusted environment of current globally connected information systems. In addition, DAC assumed control and responsibility for all programs vested in the user; a situation now largely obsolete with the rapid development of the software industry itself. However, the superior “mandatory access ...
Data Flow Analysis of System Specifications in Lotos
In LOTOS, a system is specified as a behaviour expression describing the externally observable behaviour of the system in terms of possible sequences of interactions between the system and its environment. The desired control flow and data flow that must be established by a possible implementation of the system are specified in the behaviour expression as implicit enumerations of allowed sequen...
Providing flexibility in information flow control for object oriented systems
This paper presents an approach to control information flow in object-oriented systems that takes into account, besides authorizations on objects, also how the information has been obtained and/or transmitted. These aspects are considered by allowing exceptions to the restrictions stated by the authorizations. Exceptions are specified by means of waivers associated with methods. Two kinds of wa...