Evaluation of a Protocol to Prevent Illegal Information Flow Based on Maximal Roles in the RBAC Model
In access control models used to make a system secure, a transaction is allowed to read and write an object such as a file only if access rights on the object are granted. Suppose a transaction \(T_1\) reads data d from a file \(f_1\) and then writes d to another file \(f_2\). Another transaction \(T_2\) can then obtain d by reading \(f_2\) even if \(T_2\) is not granted a read right on \(f_1\). In this case, the read operation issued by \(T_2\) is illegal. In our previous studies, a condition to detect an illegal read operation was defined based on the role-based access control (RBAC) model; once a transaction issues an illegal read operation, the transaction is aborted. However, even if the illegal condition is satisfied for a transaction issuing a read operation, illegal information flow may not occur. In this paper, we propose a modified read abortion (MRA) protocol which uses a new condition on maximal roles of role sets. In addition, we consider only maximal roles which include a read right on an object which a transaction can read. In the evaluation, we show that the number of aborted transactions can be reduced.
Keywords: Illegal information flow; Role-based access control (RBAC) model; Maximal roles; MRA protocol
The work was supported by JSPS KAKENHI grant number 15H0295.
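The scenario in the abstract (\(T_1\) copies data from \(f_1\) into \(f_2\), then \(T_2\) reads \(f_2\)) can be traced with a small monitor. This is an added example, not code from the paper: it uses a simplified, conservative source-tracking rule in place of the paper's role-based condition and MRA protocol, and the names `FlowMonitor`, `IllegalRead`, `r1` and `r2` are assumptions.

```python
from collections import defaultdict

class IllegalRead(Exception):
    """Raised when a read could deliver data the transaction may not read."""

class FlowMonitor:
    """Simplified tracker (assumption): not the paper's formal condition."""

    def __init__(self, roles):
        # roles: role name -> set of (object, operation) access rights
        self.roles = roles
        # sources[o]: objects whose data may have flowed into o
        self.sources = defaultdict(set)

    def begin(self, name, role_names):
        # A transaction holds the union of the rights of its roles.
        rights = set().union(*(self.roles[r] for r in role_names))
        return {"name": name, "rights": rights, "seen": set(), "aborted": False}

    def read(self, tx, obj):
        if (obj, "read") not in tx["rights"]:
            raise PermissionError(f"{tx['name']}: no read right on {obj}")
        # Illegal read: obj may hold data from an object tx cannot read.
        leaked = {s for s in self.sources[obj] if (s, "read") not in tx["rights"]}
        if leaked:
            tx["aborted"] = True  # read abortion: the transaction is aborted
            raise IllegalRead(
                f"{tx['name']} aborted: {obj} may hold data of {sorted(leaked)}")
        tx["seen"] |= {obj} | self.sources[obj]

    def write(self, tx, obj):
        if (obj, "write") not in tx["rights"]:
            raise PermissionError(f"{tx['name']}: no write right on {obj}")
        # Conservative: anything tx has read may flow into obj, even if the
        # written value is unrelated, so some aborts are unnecessary.
        self.sources[obj] |= tx["seen"]

def demo():
    # Constructed roles: r1 may read f1 and write f2; r2 may only read f2.
    roles = {"r1": {("f1", "read"), ("f2", "write")}, "r2": {("f2", "read")}}
    m = FlowMonitor(roles)
    t1 = m.begin("T1", ["r1"])
    m.read(t1, "f1")
    m.write(t1, "f2")
    t2 = m.begin("T2", ["r2"])
    try:
        m.read(t2, "f2")
    except IllegalRead as e:
        return str(e)
    return "allowed"
```

Because the write rule taints `f2` whenever `T1` has read `f1`, the monitor also aborts reads where no data actually moved, which is the kind of unnecessary abort the abstract says the MRA protocol aims to reduce.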