Abstract
In order to allow for type validation of a variable containing visibility-restricted information in cases where no risk of information leakage exists, it has to be made sure that throwing the standard bpel:invalidVariables fault does not allow conclusions to be drawn as to the value of the information currently contained in this variable. Validation with respect to the proper type of the value contained in a variable may either be caused by a validate activity or by indication of attribute validate=”true” in an assign activity. A more sophisticated check for covert channel prevention with type validation than that proposed in the main part of the book would require assuring that no value restricted subtype of a type is being applied in validation.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Fischer-Hellmann, KP. (2012). Outline of Sophisticated Covert Channel Prevention for Activity validate. In: Bischoff, R. (eds) Information Flow Based Security Control Beyond RBAC. IT im Unternehmen, vol 1. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-8348-2618-3_11
Download citation
DOI: https://doi.org/10.1007/978-3-8348-2618-3_11
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-8348-2617-6
Online ISBN: 978-3-8348-2618-3
eBook Packages: Computer ScienceComputer Science (R0)