Creating objects in the flexible authorization framework

N. Zannone, S. Jajodia, D. Wijesekera

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    1 Citation (Scopus)


    Access control is a crucial concern to build secure IT systems and, more specifically, to protect the confidentiality of information. However, access control is necessary, but not sufficient. Actually, IT systems can manipulate data to provide services to users. The results of a data processing may disclose information concerning the objects used in the data processing itself. Therefore, the control of information flow results fundamental to guarantee data protection. In the last years many information flow control models have been proposed. However, these frameworks mainly focus on the detection and prevention of improper information leaks and do not provide support for the dynamical creation of new objects.

    In this paper we extend our previous work to automatically support the dynamical creation of objects by verifying the conditions under which objects can be created and automatically associating an access control policy to them. Moreover, our proposal includes mechanisms tailored to control the usage of information once it has been accessed.
    Original languageEnglish
    Title of host publicationData and Applications Security XX (20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sophia Antipolis, France, July 31-August 2, 2006, Proceedings)
    EditorsErnesto Damiani, Peng Liu
    Place of PublicationBerlin
    Number of pages14
    ISBN (Electronic)978-3-540-36799-4
    ISBN (Print)3-540-36796-9, 978-3-540-36796-3
    Publication statusPublished - 2006

    Publication series

    NameLecture Notes in Computer Science (LNCS)
    ISSN (Print)0302-9743


    Dive into the research topics of 'Creating objects in the flexible authorization framework'. Together they form a unique fingerprint.

    Cite this