Preventing Illegal Information Flow Based on Role-Based Access Control Model

In the role-based access control (RBAC) model, authorized access requests are specified in roles. However; illegal information flow might occur as the well known confinement problem. We first define legal, independent, illegal, and possibly illegal types of information flow relations, R-1 double right arrow R-2, R-1 parallel to R-2, R-1 hooked right arrow R-2, and R-1 -> R-2 among role families R-1 and R-2, respectively. Suppose a transaction T-1 with a role family R-1 precedes T-2 with R-2 in a schedule, i.e. for every pair of conflicting methods op(1) and op(2) from T-1 and T-2, respectively, op(1) is performed prior to op(2). Here, if R-1 double right arrow R-2 or R-1 parallel to R-2 hold, no illegal information flow occur. Otherwise, illegal information flow might occur. Hence, T-2 cannot be performed. In this paper, we discuss the locking protocol for synchronizing conflicting transactions so that no illegal information flow occur based oil the information flow relations. In addition, we discuss when the role-based locks are released.