1
1
1
Lattice
Model
CS177
2011
Information Flow
Execution of
α
causes
information flow
from
object X to object Y if information about
the value of X can be determined from the
value of Y after executing
α
.
Denoted:
X
Y
α
2
Lattice
Model
CS177
2011
Explicit and Implicit Flows
• X
Y is
explicit
whenever the operation
generating the flow is independent of the
value of X
• X
Y is
implicit
whenever there is an
operation generating a flow from an
arbitrary Z to Y and the operation is
dependent
on the value of X
3
Lattice
Model
CS177
2011
Notation
X
The value stored in object X
X
The security class of X
X
⇒
Y
Information flow is allowed from
class X
to class Y
by the
information flow policy
X
Y
is secure iff X
⇒
Y
α
4
Lattice
Model
CS177
2011
Information Flow Policy
A set of rules governing information flow
among a set of objects, each of which has a
unique security class that belongs to the set
of security classes SC.
5
This preview has intentionally blurred sections. Sign up to view the full version.
View Full Document
This is the end of the preview.
Sign up
to
access the rest of the document.
 Fall '09
 Kemm
 Order theory, Partially ordered set, lattice model, Linear Lattice Revisited

Click to edit the document details