A New Distributed Chinese Wall Security Policy Model
|Title:||A New Distributed Chinese Wall Security Policy Model||Authors:||Fehis, Saad
|Permanent link:||http://hdl.handle.net/10197/9295||Date:||2016||Abstract:||The application of the Chinese wall security policy model (CWSPM ) to control the informationflows between two or more competing and/or conflicting companies in cloud computing(Multi-tenancy) or in the social network, is a very interesting solution.The main goal of the Chinese Wall Security Policy is to build a wall between the datasetsof competing companies, and among the system subjects. This is done by the applying tothe subjects mandatory rules, in order to control the information flow caused between them.This problem is one of the hottest topics in the area of cloud computing (as a distributedsystem) and has been attempted in the past; however the proposed solutions cannot dealwith the composite information flows problem (e.g., a malicious Trojan horses problem),caused by the writing access rule imposed to the subject on the objects.In this article, we propose a new CWSP model, based on the access query type of the subjectto the objects using the concepts of the CWSP. We have two types of walls placement, thefirst type consists of walls that are built around the subject, and the second around theobject. We cannot find inside each once wall two competing objects data. We showed thatthis mechanism is a good alternative to deal with some previous models limitations. Themodel is easy to implement in a distributed system (as Cloud-Computing). It is based on thetechnique of Object Oriented Programming (Can be used in Cloud computing Software asa service SaaS) or by using the capabilities as an access control in real distributed system||Funding Details:||Science Foundation Ireland||Type of material:||Journal Article||Publisher:||Association of Digital Forensics, Security and Law||Copyright (published version):||2016 ADFSL||Keywords:||Security policy;Chinese Wall;Information flow;Distributed system;Cloud computing||DOI:||10.15394/jdfsl.2016.1434||Language:||en||Status of Item:||Peer reviewed|
|Appears in Collections:||Computer Science Research Collection|
Insight Research Collection
Show full item record
This item is available under the Attribution-NonCommercial-NoDerivs 3.0 Ireland. No item may be reproduced for commercial purposes. For other possible restrictions on use please refer to the publisher's URL where this is made available, or to notes contained in the item itself. Other terms may apply.