*Result*: Information Flow Control in Software DB Units Based on Formal Verification.

*By now, a large number of studies in the field of formal models of computer systems security have been performed. In this paper, we do not consider cryptographic methods of information protection, which, as applied to information systems, ensure security of data storage and transfer. The focus in this paper is on the models based on access control and information flow control that ensure security of data processing. The models based on access control are widely used for implementing protection mechanisms at the level of operating systems (OS) and database management systems (DBMS). Information flow control (IFC) is presently integrated into language platforms designed for creating both system and application software. However, despite all efforts, the dominating approach in the practical design of automated industry-level information systems is exclusively directed to the implementation of system-wide mechanisms of access control. The IFC at the level of applications is often considered without taking into account the requirements of global security policy. In this paper, an attempt is made to justify the necessity of complementing the global access control systems in software with IFC. An algorithm for integrating the IFC at the level of database program units on the basis of the role-based access control implemented at the system level is described. [ABSTRACT FROM AUTHOR]

Copyright of Programming & Computer Software is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)*