SCOLL and SCOLLAR Safe Collaboration based on Partial Trust

When practicing secure programming, it is important to understand the restrictive influence programmed entities have on the propagation of authority in a program. To precisely model authority propagation in patterns of interacting entities, we have generalized an earlier formalism [SV05b] into “Knowledge behaviour Models” (KBM). To describe such patterns, we present a new domain specific declarative language SCOLL (Safe Collaboration Language), which operational semantics are expressed by means of KBMs. To interpret SCOLL patterns we have built SCOLLAR: a model checker and generator based on constraint logic programming. SCOLLAR not only indicates whether the safety requirements are guaranteed by the restricted behaviour of partially trusted subjects, but also lists the different ways in which the behaviour of a trusted entity can be restricted to guarantee the safety properties without restricting its required functionality and (re-)usability. The tool helps programmers to build correct trusted components that can safely interact with partially trusted and untrusted components.