| Presentation | 2008-07-25 The Lattice Model of the Generalized Confidentiality Policy Taketoshi SAKURABA, Kouichi SAKURAI, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | An information flow policy is defined as a set of information flow rules among security-classes. Implementations of such flow control systems usually adopt fixed structures of security-classes such as multilevel security. In an environment in which secrets are dynamically generated, and permissions are frequently changed, such fixed structure however does not work. We need to change the structure dynamically based on attributes of confidential information but not to adjust the secrets to fixed security-classes. This paper proposes a method that derives an information flow rule from confidentiality policy, a set of attributes of all secrets. The adequacy of the method is explained by semantics of secrets, and its properties are proved in a mathematical manner. The proposed method provides a lattice-based flow rules. We try to reduce the size of the lattice. Also, we show that any information flow policies can be interpreted as a confidentiality policy, and that the lattice derived by Denning [1] from the information flow policy is same with the lattice derived from the interpreted confidentiality policy. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Information Flow Policy / Confidentiality Policy / Access Control / Lattice Model / Galois Connection |
| Paper # | ISEC2008-41 |
| Date of Issue |
| Conference Information | |
| Committee | ISEC |
|---|---|
| Conference Date | 2008/7/17(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information Security (ISEC) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | The Lattice Model of the Generalized Confidentiality Policy |
| Sub Title (in English) | |
| Keyword(1) | Information Flow Policy |
| Keyword(2) | Confidentiality Policy |
| Keyword(3) | Access Control |
| Keyword(4) | Lattice Model |
| Keyword(5) | Galois Connection |
| 1st Author's Name | Taketoshi SAKURABA |
| 1st Author's Affiliation | Systems Development Laboratory, Hitachi, Ltd.() |
| 2nd Author's Name | Kouichi SAKURAI |
| 2nd Author's Affiliation | Faculty of Information Science and Electrical Engineering, Kyushu University |
| Date | 2008-07-25 |
| Paper # | ISEC2008-41 |
| Volume (vol) | vol.108 |
| Number (no) | 162 |
| Page | pp.pp.- |
| #Pages | 8 |
| Date of Issue | |