Abstract: Controlling information flows within an application to protect privacy is essential. According to the maturity of object techniques, models have been developed to control information flows in object-oriented systems. Our survey revealed that existing models are useful in controlling pre-existing or predictable objects. Nevertheless, objects may be dynamically instantiated or removed in an unpredictable way. This causes troubles for existing models. Our survey also revealed that no model controls foreign objects (e.g., objects retrieved for reused by a CORBA broker). This paper proposes a model to control information flows among objects that may be dynamically instantiated or removed. The model also controls foreign objects. We set up experiments to evaluate the model and found that the model does facilitate identifying non-secure information flows.
Shih-Chien Chou and Ying-Kai Wen , 2005. Controlling Information Flows in Object-oriented Systems: Taking Foreign Objects into Control . Asian Journal of Information Technology, 4: 524-536.