2009 IEEE International Conference on
Systems, Man, and Cybernetics |
 |
- [P1272]
Granular Computing and Flow Analysis on Discretionary Access Control:Solving the Propagation Problem
Author(s): Tsau-Young LinAbstract
Based on granular computing, information flows in Discretionary Access Control (DAC) are examined. DAC are classified in the following nested order: From general to specific, binary neighborhood systems(binary relations),topological spaces (reflexive and transitive relations) and clopen spaces (equivalence relations) in geometric (algebraic) terms. In security terms, the two smaller classes meet information flow security and Chinese wall security policy in respective order. Roughly, information flow security policy (IFSP) means any data can never flow or propagate into the enemy hands of the initial owner. Chinese wall security policy is IFSP, in which enemy is a symmetric relation.