The Sharing of Rights and Information in a Capability-Based Protection System
- M. Bishop, “Theft of Information in the Take-Grant Protection Model ”, Technical Report PCS-TR88-137, Dept. of Computer Science, Dartmouth College, Hanover, NH 03755 (1988, revised 1990).
Using the information transfer extensions to the Take-Grant Protection Model, the concept of “theft of information” is defined and necessary and sufficient conditions for such theft to occur are presented, as well as bounds on the number of actors involved in such theft. Finally the application of these results to reference monitors are explored.