Ticket #61 (new Feature)

Opened 3 years ago

Last modified 3 years ago

apol - infoflow access matrix

Reported by: jmowery Assigned to: pebenito
Priority: Undecided Milestone: design
Component: apol Version: SETools-Devel
Keywords: Cc:

Description (Last modified by jmowery)

when doing an info flow access there are instances where access to one object classs cannot immediately be followed by access to another by a different souce type (e.g. A writes to a file cannot immediately be followed by B reads a from a dir)

proposed solution: create a square matrix of possible consecutive objects such that
  • it is a superset of the identity matrix
  • the inverse of M = M
this would still depend on the permission map to determine direction
unknown object classes would be assumed to be possible consecutively for all classes

Change History

04/25/07 16:11:58 changed by jmowery

  • description changed.