Abstract
We propose FlexFlow, a logic based flexible flow control framework to specify data-flow, work-flow and transaction systems policies that go beyond point-to-point flows. Both permissions and prohibitions are specifiable in FlexFlow and meta-policies such as permissions take precedence themselves can be specified over the meta-policy neutral policy specification environment of FlexFlow. We show the expressibility of FlexFlow by expressing three existing flow control models which were proposed for different applications and used different mechanisms.
Chapter PDF
Similar content being viewed by others
References
C. Baral and V.S. Subrahmanian. Stable and extension class theory for logic programs and default theories. Journal of Automated Reasoning, 8:345–366, 1992.
D.E. Bell and L.J. LaPadula. Secure computer systems: Mathematical foundations and model. Report M74-244, Mitre Corp., Bedford, MA, 1975.
S. Chen, D. Wijesekera, and S. Jajodia. Flexflow: A flexible flow control policy specification framework. Report ISE-TR-03-04, Center for Secure Information Systems, Fairfax, VA, 2003.
D.E. Denning. A lattice model of secure information flow. Communication of ACM, pages 236–243, May 1976.
E. Ferrari, P. Samarati, E. Bertino, and S. Jajodia. Providing flexibility in information flow control for object-oriented systems. In Proceedings of the IEEE Symposium on Security and Privacy, pages 130–140, Oakland, CA, May 1997. IEEE.
S.N. Foley. A model for secure information flow. In Proceedings of the IEEE symposium on Security and Privacy, Oakland, CA, May 1989.
A. V. Gelder. The alternating fixpoint of logic programs with negation. In Proc. 8th ACM Symposium on Principles of Database Systems, pages 1–10, 1989.
M. Gelfond and V. Lifschitz. The stable model semantics for logic programming. In Proc. Fifth International Conference and Symposium on Logic Programming, pages 1070–1080, 1988.
S. Jajodia, P. Samarati, M.L. Sapino, and V.S. Subrahmanian. Flexible support for multiple access control policies. ACM Transactions on Database Systems, 26(4): 1–57, June 2001.
C.J. McCollum, J.R. Messing, and L. Notargiacomo. Beyond the pale of mac and dac-defining new forms of access control. In Proceedings of the IEEE symposium on Security and Privacy, pages 190–200, Oakland, CA, May 1990.
A.C. Myers and B. Liskov. A decentralized model for information flow control. In Proceedings of the 16th ACM Symposium on Operating System Principles, pages 129–142, Saint-Malo, France, October 1997.
P. Samarati, E. Bertino, A. Ciampichetti, and S. Jajodia. Information flow control in object-oriented systems. IEEE Transactions on Knowledge and Data Engineering, 9(4):524–538, July–Aug. 1997.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer Science + Business Media, Inc.
About this chapter
Cite this chapter
Chen, S., Wijesekera, D., Jajodia, S. (2004). FlexFlow: A Flexible Flow Control Policy Specification Framework. In: De Capitani di Vimercati, S., Ray, I., Ray, I. (eds) Data and Applications Security XVII. IFIP International Federation for Information Processing, vol 142. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8070-0_26
Download citation
DOI: https://doi.org/10.1007/1-4020-8070-0_26
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4020-8069-2
Online ISBN: 978-1-4020-8070-8
eBook Packages: Springer Book Archive