
A Synchronization Protocol to Prevent Illegal Information Flow Based on Maximal Roles in the Role-Based Access Control Model

  • Conference paper
Advances on Broadband and Wireless Computing, Communication and Applications (BWCCA 2018)

Abstract

In access control models, a transaction is allowed to read and write an object only if access rights to read and write the object are granted, respectively. Suppose a transaction \(T_1\) reads data d from a file object \(f_1\) and then writes the data d to another file object \(f_2\). Here, another transaction \(T_2\) can get the data d by reading the file object \(f_2\) even if \(T_2\) is not granted a read right on the file object \(f_1\). That is, information in the file object \(f_1\) flows to the transaction \(T_2\) via the file object \(f_2\). We have to prevent illegal information flow from occurring through transactions manipulating objects. The role-based access control (RBAC) model is widely used in various applications like database systems. In our previous studies, the legally precedent relation from a role to a role is defined. However, even if the legal condition is satisfied, there are cases where illegal information flow occurs. In this paper, we redefine legal and illegal precedent relations among roles. In order to check if a collection A of roles illegally precedes a collection B of roles, we introduce a new condition which uses maximal roles of A and B.
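The \(T_1\)/\(T_2\) scenario from the abstract, as an added Python illustration that is not code from the paper: a monitor records which objects' data each file may contain and flags a read that plain RBAC would grant but that leaks data from an unreadable source. The role names `r1` to `r3`, the transaction `T3` and the `FlowMonitor` class are assumptions, and the check is a simple per-object source check, not the paper's maximal-role condition.

```python
from dataclasses import dataclass, field

# Constructed RBAC state: a role is a set of (object, operation) access rights.
ROLES = {
    "r1": {("f1", "read"), ("f2", "write")},
    "r2": {("f2", "read")},
    "r3": {("f1", "read"), ("f2", "read")},
}

@dataclass
class Transaction:
    name: str
    roles: set                               # role names the transaction is issued with
    holds: set = field(default_factory=set)  # objects whose data it has read so far

    def granted(self, obj, op):
        return any((obj, op) in ROLES[r] for r in self.roles)

class FlowMonitor:
    """Tracks, per object, the set of objects whose data it may contain."""
    def __init__(self, objects):
        self.sources = {o: {o} for o in objects}

    def read(self, t, obj):
        if not t.granted(obj, "read"):
            return "denied"                  # ordinary RBAC denial
        # obj may carry data written from other objects; t must be able to read them all.
        leaked = {s for s in self.sources[obj] if not t.granted(s, "read")}
        if leaked:
            return "illegal"                 # RBAC allows the read, but data would leak
        t.holds |= self.sources[obj]
        return "ok"

    def write(self, t, obj):
        if not t.granted(obj, "write"):
            return "denied"
        self.sources[obj] |= t.holds         # data t has read may now flow into obj
        return "ok"

def run_scenario():
    m = FlowMonitor(["f1", "f2"])
    t1 = Transaction("T1", {"r1"})
    t2 = Transaction("T2", {"r2"})
    t3 = Transaction("T3", {"r3"})           # hypothetical: may read both files
    return [m.read(t1, "f1"), m.write(t1, "f2"),
            m.read(t2, "f2"), m.read(t3, "f2")]

if __name__ == "__main__":
    print(run_scenario())
```
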



Acknowledgements

The work was supported by JSPS KAKENHI grant number 15H0295.

Author information


Corresponding author

Correspondence to Shohei Hayashi.


Copyright information

© 2019 Springer Nature Switzerland AG

About this paper


Cite this paper

Hayashi, S., Nakamura, S., Duolikun, D., Enokido, T., Takizawa, M. (2019). A Synchronization Protocol to Prevent Illegal Information Flow Based on Maximal Roles in the Role-Based Access Control Model. In: Barolli, L., Leu, FY., Enokido, T., Chen, HC. (eds) Advances on Broadband and Wireless Computing, Communication and Applications. BWCCA 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 25. Springer, Cham. https://doi.org/10.1007/978-3-030-02613-4_47


  • DOI: https://doi.org/10.1007/978-3-030-02613-4_47


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02612-7

  • Online ISBN: 978-3-030-02613-4

  • eBook Packages: Engineering, Engineering (R0)
