May 20, 1991 to May 22, 1991
This paper proposes a notation for describing information flow policies that can express transitive, aggregation and separation (of duty) exceptions. Operators for comparing, composing and abstracting flow policies are described. These allow complex policies to be built from simpler policies. Many existing confidentiality (and by using a dual model, integrity) policies and their models can be captured in this framework. A high water mark model is described that can enforce a large class of these information flow policies. The model provides the basis for a taxonomy of existing high water mark mechanisms.
Simon N. Foley, "A Taxonomy for Information Flow Policies and Models", SP, 1991, 2012 IEEE Symposium on Security and Privacy, 2012 IEEE Symposium on Security and Privacy 1991, pp. 98, doi:10.1109/RISP.1991.130778