Abstract
This paper proposes a notation that can be used to describe information flow policies that may have transitivity, aggregation and separation (of duty) exceptions. Operators for comparing, composing and abstracting these policies are described. These allow complex policies to be built from simpler policies. A formal semantics is given based on the notion of noninterference for deterministic systems. An unwinding of this definition is developed that can be used for any policy that does not contain a separation exception.
