Role-based scheduling and synchronization algorithms to prevent illegal information flow

Information systems have to be consistent and secure in presence of multiple conflicting transactions. The role-based access control model is widely used to keep information systems secure. Here, a role is a set of access rights, i.e. permissions. A subject is granted a family of roles, i.e. one or more than one role. A subject s is allowed to issue a method op to an object o only if an access right < o, op > is included in the roles granted to the subject s. In the access control models, even if every access request satisfies the access rules, illegal information flow might occur as well known confinement problem. In this paper, we define a legal information flow relation (R-1 double right arrow R-2) among a pair of role families R, and R2. This means, no illegal information flow occur if a transaction T, with a role family R, is performed prior to another transaction T-2 with R2. In addition, we define which role families are more significant than others in terms of types of methods and security classes of objects. Conflicting methods from different transactions are totally ordered in the significancy of roles of the transactions. We discuss how to synchronize transactions so as to prevent illegal information flow and how to serialize conflicting methods from multiple transactions in terms of significancy and information flow relation of roles families.