Title: A read-write abortion protocol to prevent illegal information flow in role-based access control systems
Authors: Shigenari Nakamura; Dilawaer Duolikun; Tomoya Enokido; Makoto Takizawa
Addresses: Department of Advanced Sciences, Hosei University, Tokyo, Japan; Department of Advanced Sciences, Hosei University, Tokyo, Japan; Faculty of Business Administration, Rissho University, Tokyo, Japan; Department of Advanced Sciences, Hosei University, Tokyo, Japan
Abstract: In information systems, a transaction may illegally read data stored in an object when data which the transaction is not allowed to read is stored in the object. A transaction illegally writes data to an object after issuing an illegal read. A transaction suspiciously reads data in a suspicious object whose data is not allowed to flow to some object. A transaction impossibly writes data to an object after issuing a suspicious read. In our previous studies, the write-abortion (WA) role-based synchronisation (RBS) and object-based synchronisation (OBS) protocols were proposed, where a transaction which illegally or impossibly writes data to objects is aborted. In this paper, we newly propose a pair of read-write-abortion (RWA) RBS and OBS protocols where a transaction is aborted only if the transaction issues an illegal read or impossible write to an object. In the evaluation, the execution time of each transaction in the RWA protocols is shorter than in the WA protocols.
Keywords: role-based access control; RBAC; illegal write; suspicious read; impossible write; information flow control; RWA-RBS protocol; RWA-OBS protocol; read-write abortion protocol; role-based synchronisation; object-based synchronisation; information security.
International Journal of Space-Based and Situated Computing, 2016 Vol.6 No.1, pp.43 - 53
Received: 28 Aug 2015
Accepted: 24 Oct 2015
Published online: 13 May 2016