Secure Composition of Untrusted Code: Wrappers and Causality Types

Authors

  • Peter Sewell
  • Jan Vitek
Abstract

We consider the problem of assembling concurrent software systems from untrusted or partially trusted off-the-shelf components, using wrapper programs to encapsulate components and enforce security policies. In previous work we introduced the box-process calculus with constrained interaction to express wrappers and discussed the rigorous formulation of their security properties. This paper addresses the verification of wrapper information flow properties. We present a novel causal type system that statically captures the allowed flows between wrapped possibly-badly-typed components; we use it to prove that an example unidirectional-flow wrapper enforces a causal flow property.


Similar sources

Secure Composition of Untrusted Code: Box π, Wrappers, and Causality Types

Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user’s desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that persona...


Secure Composition of Untrusted Code: Wrappers and Causality Types

We consider the problem of assembling concurrent software systems from untrusted or partially trusted off-the-shelf components, using wrapper programs to encapsulate components and enforce security policies. In previous work we introduced the box-process calculus with constrained interaction to express wrappers and discussed the rigorous formulation of their security properties. This paper addresses th...


Performance Study of Untrusted Relay Network Utilizing Cooperative Jammer

Abstract—In this paper, the problem of secure transmission in two-hop amplify-and-forward (AF) systems with an untrusted relay is investigated. To prevent the untrusted relay from intercepting the source message and to achieve positive secrecy rate, the destination-based cooperative jamming (DBCJ) technique is used. In this method the destination sends an intended jamming signal to the relay. T...


Problems Running Untrusted Services as Java Threads

A number of Java environments run untrusted services as Java threads. However, Java threads may not be suitably secure for this task because of their problems with safe termination, resource control and thread isolation. These problem areas have been recognised by the research community and are comprehensively addressed in the not yet implemented Java Isolate API. Meanwhile, Java threads continue ...


Link-Time Enforcement of Confined Types for JVM Bytecode

The language-based approach to security employs programming language technologies to construct secure environments for hosting untrusted code. The recently proposed notion of confined types effectively prevents accidental reference leaks that could lead to security breaches in mobile code platforms such as Java. Enforcing a stronger notion of encapsulation than conventional object-oriented prog...



Publication date: 2000