Resource summary
U4. Chinese Wall
- Aimed at a 'real' problem of preventing conflicts of interest
- Golden Rule = There must be no flow of information that causes a conflict of interest.
- Simple security (ss) property:
  - A subject may only be granted access to an object if:
    - the object is in the same company dataset as an object already accessed by the subject, or
    - the object does not belong to any of the conflict of interest classes of objects already accessed by the subject
  - deals with direct information flow
- Star property (*-property):
  - deals with indirect flow
  - A subject s is permitted write access to an object only if s has no read access to any object o' that is in a different company dataset and is unsanitised
  - One of the implications of the *-property is that access rights of subjects change dynamically with every access operation.
- You need to understand and appreciate how a different type of security policy can be described in terms of a security model.
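
Added example (not part of the original notes): a small reference monitor that applies the ss-property and the *-property to a sequence of requests, showing how a subject's rights change with each access. Assumptions: the two ss-property conditions are alternatives, "has read access" means the subject has already read the object, sanitised objects conflict with nothing, and all class, subject and object names are hypothetical.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Obj:
    name: str
    dataset: str             # company dataset the object belongs to
    coi: str                 # conflict of interest class of that dataset
    sanitised: bool = False  # assumption: sanitised information conflicts with nothing

class ChineseWall:
    def __init__(self):
        self.accessed = defaultdict(set)  # subject -> objects accessed in any mode
        self.reads = defaultdict(set)     # subject -> objects read

    def ss_ok(self, subject, obj):
        """ss-property: same company dataset, or no conflicting COI class."""
        if obj.sanitised:
            return True
        prior = [o for o in self.accessed[subject] if not o.sanitised]
        same_dataset = any(o.dataset == obj.dataset for o in prior)
        return same_dataset or obj.coi not in {o.coi for o in prior}

    def star_ok(self, subject, obj):
        """*-property: nothing unsanitised from another dataset has been read."""
        return not any(o.dataset != obj.dataset and not o.sanitised
                       for o in self.reads[subject])

    def request(self, subject, obj, mode):
        """Decide a "read" or "write" request; record the access if granted."""
        ok = self.ss_ok(subject, obj) and (mode == "read" or self.star_ok(subject, obj))
        if ok:
            self.accessed[subject].add(obj)
            if mode == "read":
                self.reads[subject].add(obj)
        return ok

# Constructed sample objects: two competing banks, an oil company, a sanitised report.
BANK_A = Obj("a-accounts", "BankA", "banks")
BANK_B = Obj("b-accounts", "BankB", "banks")
OIL_X = Obj("x-drilling", "OilX", "oil")
REPORT = Obj("market-report", "Public", "none", sanitised=True)

def demo():
    wall = ChineseWall()
    steps = [("alice", BANK_A, "read"), ("alice", BANK_B, "read"),
             ("alice", OIL_X, "read"), ("alice", OIL_X, "write"),
             ("bob", REPORT, "read"), ("bob", OIL_X, "write"),
             ("bob", BANK_A, "read"), ("bob", OIL_X, "write")]
    return [wall.request(s, o, m) for s, o, m in steps]
```

In the run, bob's write to the OilX object is granted before he reads BankA data and refused afterwards: the same request gets a different answer once his access history changes.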