Title: A read-write abortion protocol to prevent illegal information flow in role-based access control systems

Authors: Shigenari Nakamura; Dilawaer Duolikun; Tomoya Enokido; Makoto Takizawa

Addresses: Department of Advanced Sciences, Hosei University, Tokyo, Japan; Department of Advanced Sciences, Hosei University, Tokyo, Japan; Faculty of Business Administration, Rissho University, Tokyo, Japan; Department of Advanced Sciences, Hosei University, Tokyo, Japan

Abstract: In information systems, a transaction may illegally read data from an object in which data that the transaction is not allowed to read is stored. A transaction illegally writes data to an object after issuing an illegal read. A transaction suspiciously reads data in a suspicious object whose data is not allowed to flow to some object. A transaction impossibly writes data to an object after issuing a suspicious read. In our previous studies, the write-abortion (WA) role-based synchronisation (RBS) and object-based synchronisation (OBS) protocols were proposed, where a transaction which illegally or impossibly writes data to objects is aborted. In this paper, we newly propose a pair of read-write-abortion (RWA) RBS and OBS protocols where a transaction is aborted only if the transaction issues an illegal read or impossible write to an object. In the evaluation, the execution time of each transaction in the RWA protocols is shorter than in the WA protocols.

Keywords: role-based access control; RBAC; illegal write; suspicious read; impossible write; information flow control; RWA-RBS protocol; RWA-OBS protocol; read-write abortion protocol; role-based synchronisation; object-based synchronisation; information security.

DOI: 10.1504/IJSSC.2016.076564

International Journal of Space-Based and Situated Computing, 2016 Vol.6 No.1, pp.43 - 53

Received: 28 Aug 2015
Accepted: 24 Oct 2015

Published online: 13 May 2016
