Information Flow Security in Boxed Ambients

An overview of Boxed Ambients

In this lecture we present some work we published in [2,3] and hint at some new current lines of research on information flow and security. More precisely, we describe the calculus of Boxed Ambients a variant of Cardelli and Gordon’s Mobile Ambients[4] a calculus of mobile and dynamically reconfigurable agents. Boxed Ambients inherit from Mobile Ambients (part of) the mobility primitives but re...

Boundary Inference for Enforcing Security Policies in Mobile Ambients

The notion of “boundary ambient” has been recently introduced to model multilevel security policies in the scenario of mobile systems, within pure Mobile Ambients calculus. Information flow is defined in terms of the possibility for a confidential ambient/data to move outside a security boundary, and boundary crossings can be captured through a suitable Control Flow Analysis. We show that this ...

A Control Flow Analysis for Safe and Boxed Ambients

Information flow security in Boundary Ambients

A variant of the Mobile Ambient calculus, called Boundary Ambients, is introduced, supporting the modelling of multi-level security policies. Ambients that may guarantee to properly protect their content are explicitly identified as boundaries: a boundary can be seen as a resource access manager for confidential data. In this setting, absence of direct information leakage is granted as soon as ...

Guardians for Ambient-based Monitoring

In the Mobile Ambients of Cardelli and Gordon an ambient is a unit for mobility, which may contain processes (data) and sub-ambients. Since the seminal work of Cardelli and Gordon, several ambient-based calculi have been proposed (Seal, Boxπ, Safe Ambients, Secure Safe Ambients, Boxed Ambients), mainly for supporting security. At the operational level these (boxand) ambient-based calculi differ...