Publication | Closed Access
A taxonomy for information flow policies and models
25
Citations
14
References
2002
Year
Unknown Venue
EngineeringInformation SecurityVerificationWorkflow ModellingSystems EngineeringFormal SpecificationData FlowDual ModelInformation Flow PoliciesNetworked Computer SystemsData PrivacyComputer ScienceInformation ManagementInformation FlowSoftware DesignData SecurityFlow PoliciesFormal MethodsSecurity PropertyModel-driven Security
A notation for describing information flow policies that can express transitive, aggregation and separation (of duty) exceptions is proposed. Operators for comparing, composing, and abstracting flow policies are described. These allow complex policies to be built from simpler policies. Many existing confidentiality (and by using a dual model, integrity) policies and their models can be captured in this framework. A high water mark model is described that can enforce a large class of these information flow policies. The model provides the basis for a taxonomy of existing high water mark mechanisms.< <ETX xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">></ETX>
| Year | Citations | |
|---|---|---|
Page 1
Page 1