Typing access control and secure information flow in sessions
نویسندگان
چکیده
منابع مشابه
Typing access control and secure information flow in sessions
We consider a calculus for multiparty sessions with delegation, enriched with security levels for session participants and data. We propose a type system that guarantees both session safety and a form of access control. Moreover, this type system ensures secure information flow, including controlled forms of declassification. In particular, it prevents information leaks due to the specific cont...
متن کاملTyping Secure Information Flow: Declassification and Mobility
xvii Résumé (in French) xix Synthèse (in French) xxi Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi Typage du flux d’information sûr . . . . . . . . . . . . . . . . . . xxi Problèmes abordés . . . . . . . . . . . . . . . . . . . . . . . . . . xxii Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv Contenu de la thèse . . . . . . . . . ...
متن کاملStack-based access control and secure information flow
Access control mechanisms are often used with the intent of enforcing confidentiality and integrity policies, but few rigorous connections have been made between information flow and runtime access control. The Java virtual machine and the .NET runtime system provide a dynamic access control mechanism in which permissions are granted to program units and a runtime mechanism checks permissions o...
متن کاملHistory-Based Access Control and Secure Information Flow
This paper addresses the problem of static checking of programs to ensure that they satisfy confidentiality policies in the presence of dynamic access control in the form of Abadi and Fournet’s historybased access control mechanism. The Java virtual machine’s permissionbased stack inspection mechanism provides dynamic access control and is useful in protecting trusted callees from untrusted cal...
متن کاملSecure flow typing
Some of the most promising work in the area of enforcing secure information ow in programs is based on static analyses of source code However as yet these e orts have not had much impact in practice We present a new approach to analyz ing programs statically for secrecy and integrity ow violations The analysis is characterized as a form of type inference in a secure ow type sys tem The type sys...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Information and Computation
سال: 2014
ISSN: 0890-5401
DOI: 10.1016/j.ic.2014.07.005