An Approach to XML-Based Administration and Secure Information Flow Analysis on an Object Oriented Role-Based Access Control Model
Cungang Yang and Chang N. Zhang* Department of Electrical and Computer Engineering Ryerson University Toronto, Ontario, M5B 2K3, Canada *Department of Computer Science University of Regina Regina, Saskatchewan, S4S 0A2, Canada
In this paper, a practical method that can be employed to manage security policies using the eXtensible Markup Language (XML) is presented. The method efficiently administrates security policies based on the object oriented role-based access control model (ORBAC). Moreover, an information flow analysis technique is introduced for checking whether or not a created XML-based ORBAC security policy satisfies the Mandatory Access Control (MAC) security principles.