INFORMATION-FLOW CONTROL IN OBJECT-ORIENTED SYSTEMS

In this paper, we describe a high assurance discretionary access contr ol model for object-oriented systems. The model not only ensures prote ction against Trojan horses leaking information, but provides the flex ibility of discretionary access control at the same time. The basic id ea of our approach is to check all information flows among objects in the system in order to block possible illegal flows. An illegal flow a rises when information is transmitted from one object to another objec t in violation of the security policy. The interaction modes among obj ects are taken into account in determining illegal flows. We consider three different interaction modes that are standard interaction modes found in the open distributed processing models. The paper presents fo rmal definitions and proof of correctness of our flow control algorith m.