A Simple Method to Control Indirect Information Flows

Satoshi OZAKI  Tsutomu MATSUMOTO  Hideki IMAI  

Publication
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E77-A   No.11   pp.1938-1941
Publication Date: 1994/11/25
Online ISSN: 
DOI: 
Print ISSN: 0916-8508
Type of Manuscript: Special Section LETTER (Special Section of Letters Selected from the 1994 IEICE Spring Conference)
Category: 
Keyword: 
access control,  flow control,  information flow,  information security,  UNIX,  

Full Text: PDF>>
Buy this Article




Summary: 
The access control method adopted by UNIX is simple, understandable, and useful. However, it is quite possible that unexpected information flows occur when we are cooperating with some group members on UNIX. Introducing notions such as "flow right," "maximal permission" and "minimal umask value", this note proposes a simple method, can be seen as a natural extension of UNIX, to control indirect information flows without losing availability and understandability of UNIX.