TY  - JOUR
T1  - Controlling Information Flows Among Object-Oriented Systems to Prevent Information Leakage
AU - , Shih-Chien Chou 
JO  - Asian Journal of Information Technology
VL  - 5
IS  - 1
SP  - 96
EP  - 106
PY  - 2006
DA  - 2001/08/19
SN  - 1682-3915
DO  - ajit.2006.96.106
UR  - https://makhillpublications.co/view-article.php?doi=ajit.2006.96.106
KW  - Information security
KW  -information flow control
KW  -information leakage
KW  -object-oriented system
AB  - Many information flow control models were available to prevent information leakage within a system. Since systems may cooperate, it is necessary to prevent information leakage among cooperating systems when they communicate. Our survey shows that no existing model offers the prevention. In the past years, we developed an information flow control model based on RBAC (role-based access control), which is named OORBAC (object-oriented role-based access control). Like other existing models, OORBAC cannot prevent information leakage among systems. To offer the prevention, we extended OORBAC. The extension is based on the consideration: when information is passed from a system to another one, the security level of the information being passed should be the same as or lower than the security level of the variable receiving the information. This study shows the extended model and its evaluation.
ER  -