Based on Information Flow systems, this discipline states that only the owner can transfer ownership into a broader context, that is, the owned object becomes more accessible through rights amplification performed by the owner. Rights restriction/attenuation occurs when ownership is transfered down to the Ownership Hierarchy, that is, the owner transfers some Ownership for X object to another owned Y object, where X ≠ Y.
In this setting, every node in the Ownership Hierarchy can be seen as an Information Flow label, where the topmost node in such hierarchy (a.k.a, world, root, global, ...) is the most accessible security label (a.k.a, public label).
- [1] Ownership Downgrading for Ownership Types — Yi Lu, John Potter and Jingling Xue