Design and implementation of DF-Salvia which provides mandatory access control based on data flow

Shozo Ida, Takehiro Kashiyama, Eiji Takimoto, Shoichi Saito, Eric Wallace Cooper, Koichi Mouri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Recently, incidents in which data such as private information has leaked have occurred frequently. In many cases, the main causes of data leakage are as follows: taking data out illegally or unfairly, erroneous operation by a user with authority to access the data. We developed the operating system Salvia for the purpose of preventing data leakage resulting from these causes. Salvia provides the capability to attach data protection policies to each file. In addition, Salvia monitors resource access that may incur the possibility of data leakage. When a process requests to access to such resources, Salvia allows the operation only if it does not violate the policies of all files which are read by the process. That is, Salvia controls resource access by process. In this paper, we propose DF-Salvia, based on Salvia. An access control unit of DF-Salvia is data flow, which is finer-grained than the process-based access control of Salvia. This means that DF-Salvia applies a policy not to each process but to each data flow in a process in order to limit the extent of the effect of the policy to corresponding data flow. The results show a solution to the problem of over-restriction of irrelevant data.

Original languageEnglish
Title of host publicationInternational MultiConference of Engineers and Computer Scientists, IMECS 2012
PublisherNewswood Limited
Pages182-189
Number of pages8
Volume2195
ISBN (Print)9789881925114
Publication statusPublished - 2012
Externally publishedYes
Event2012 International MultiConference of Engineers and Computer Scientists, IMECS 2012 - Kowloon, Hong Kong
Duration: Mar 14 2012Mar 16 2012

Other

Other2012 International MultiConference of Engineers and Computer Scientists, IMECS 2012
Country/TerritoryHong Kong
CityKowloon
Period3/14/123/16/12

All Science Journal Classification (ASJC) codes

  • Computer Science (miscellaneous)

Fingerprint

Dive into the research topics of 'Design and implementation of DF-Salvia which provides mandatory access control based on data flow'. Together they form a unique fingerprint.

Cite this