Secure Composition of Untrusted Code: Wrappers and Causality Types
Abstract
We consider the problem of assembling concurrent software systems from untrusted or partially trusted off-the-shelf components, using wrapper programs to encapsulate components and enforce security policies. In previous work we introduced the box-process calculus with constrained interaction to express wrappers and discussed the rigorous formulation of their security properties. This paper addresses the verification of wrapper information flow properties. We present a novel causal type system that statically captures the allowed flows between wrapped possibly-badly-typed components; we use it to prove that an example unidirectional-flow wrapper enforces a causal flow property.
Similar sources
Secure Composition of Untrusted Code: Box π, Wrappers, and Causality Types
Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user’s desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that persona...
Secure Composition of Untrusted Code: Wrappers and Causality Types
We consider the problem of assembling concurrent software systems from untrusted or partially trusted off-the-shelf components, using wrapper programs to encapsulate components and enforce security policies. In previous work we introduced the box-process calculus with constrained interaction to express wrappers and discussed the rigorous formulation of their security properties. This paper addresses th...
Performance Study of Untrusted Relay Network Utilizing Cooperative Jammer
Abstract—In this paper, the problem of secure transmission in two-hop amplify-and-forward (AF) systems with an untrusted relay is investigated. To prevent the untrusted relay from intercepting the source message and to achieve positive secrecy rate, the destination-based cooperative jamming (DBCJ) technique is used. In this method the destination sends an intended jamming signal to the relay. T...
Problems Running Untrusted Services as Java Threads
A number of Java environments run untrusted services as Java threads. However, Java threads may not be suitably secure for this task because of their problems with safe termination, resource control and thread isolation. These problem areas have been recognised by the research community and are comprehensively addressed in the not yet implemented Java Isolate API. Meanwhile, Java threads continue ...
Link-Time Enforcement of Confined Types for JVM Bytecode
The language-based approach to security employs programming language technologies to construct secure environments for hosting untrusted code. The recently proposed notion of confined types effectively prevents accidental reference leaks that could lead to security breaches in mobile code platforms such as Java. Enforcing a stronger notion of encapsulation than conventional object-oriented prog...