Dynamic, Flow Control-Based Information Management for Web Services
Keyword(s):
Information Flow Control (IFC) is a method of enforcing confidentiality by using labels, data structures for specifying security classifications. IFC is used in programming languages to monitor procedures in an attempt to detect and prevent information leakage. While it ensures greater security, IFC excessively restricts flow of information. This chapter presents a model of information flow control using semi-discretionary label structures. We propose a set of rules that not only increase the flexibility of IFC, but also define labels as a practical component of a security system. We propose a dynamic approach using a centralized model for dynamic label checking, and verify the proposed model using theoretical proofs.
2004 ◽
Vol 14
(03)
◽
pp. 291-322
2016 ◽
Vol 11
(1)
◽
pp. 44-76
◽
2006 ◽
Vol 3
(1)
◽
pp. 1-28
◽
2020 ◽
pp. 185-219
Keyword(s):
Keyword(s):