Colored Petri Nets Based Modeling of Information Flow Security

Abstract

Currently, with the popularization of the computer and Internet technologies, electronic documents have become the most important resource in enterprises or organizations. The security of documents and protecting the information resident in these documents is of paramount importance to the organizationpsilas progress and in some cases, their survival too. Hence, electronic documents are the target of the insider abuse and attacker. Traditionally, methods of document access control protect the information of documents by setting accessing privileges. However, the weaknesses of this are the coarse granularity of control and lack of capability to adjust dramatically to adapt well to different operating context. In this paper, an information flaw security model based on colored Petri nets (CPN) is introduced, which analyze information flow dynamically and then find out the potential approaches that lead to the leak of information by examining the reachability graph of the CPN model. Consequently, we can take some measures to prevent information leaks and achieve the goal of protecting confidential information.