An object-based version of the path context model

Abstract

A number of formal models have been proposed for computer security, the best known being the Bell and LaPadula model. Formal models provide a solid foundation for security, making it possible to precisely specify security requirements, to reason with mathematical assurance about security issues and to prove security properties formally. However, most security models do not realistically reflect the complexity of current computer systems. The Path Context Model (PCM) is a recent formal security model attempting to solve this problem. A number of aspects of PCM have not yet been defined precisely. This paper starts by giving a formal definition of PCM. It is then shown that it is difficult to protect composite objects—objects consisting of other, less complex objects—with PCM. This problem can be solved by modifying PCM so that every level of such a composite object can do the access checks relevant to that level of the object. This is illustrated in the last section of the paper, where an object-based version of PCM is defined.

Keywords:

• Information security
• formal security model
• formal grammars
• object-orientation
• Path Context Model (PCM)

C.R Categories:

• F.4.2
• H.2.0
• H.1

Address correspondence to Martin Olivier, Department of Computer Science, Rand Afrikaans University, PO Box 524, auckland Park, Jo0hannesburg, 2006 south Africa; Email: [email protected]

Address correspondence to Martin Olivier, Department of Computer Science, Rand Afrikaans University, PO Box 524, auckland Park, Jo0hannesburg, 2006 south Africa; Email: [email protected]

Notes

Address correspondence to Martin Olivier, Department of Computer Science, Rand Afrikaans University, PO Box 524, auckland Park, Jo0hannesburg, 2006 south Africa; Email: [email protected]