A Dynamic Label Checking Approach for Information Flow Control in Web Services

A Dynamic Label Checking Approach for Information Flow Control in Web Services

Zahir Tari (RMIT University, Australia), Peter Bertok (RMIT University, Australia) and Dusan Simic (RMIT University, Australia)
Copyright: © 2006 |Pages: 28
DOI: 10.4018/jwsr.2006010101
OnDemand PDF Download:
$37.50

Abstract

Information Flow Control (IFC) is a method of enforcing confidentiality by using labels, data structures for specifying security classifications. IFC is used in programming languages to monitor procedures in an attempt to detect and prevent information leakage. While it ensures greater security, IFC excessively restricts flow of information. This paper presents a model of information flow control using semi-discretionary label structures. We propose a set of rules that not only increases the flexibility of IFC but also defines labels as a practical component of a security system. We propose a dynamic approach using a centralized model for dynamic label checking and verify the proposed model using theoretical proofs.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 14: 4 Issues (2017): Forthcoming, Available for Pre-Order
Volume 13: 4 Issues (2016)
Volume 12: 4 Issues (2015)
Volume 11: 4 Issues (2014)
Volume 10: 4 Issues (2013)
Volume 9: 4 Issues (2012)
Volume 8: 4 Issues (2011)
Volume 7: 4 Issues (2010)
Volume 6: 4 Issues (2009)
Volume 5: 4 Issues (2008)
Volume 4: 4 Issues (2007)
Volume 3: 4 Issues (2006)
Volume 2: 4 Issues (2005)
Volume 1: 4 Issues (2004)
View Complete Journal Contents Listing