Session Types for Access and Information Flow Control
Authors
Abstract
We consider a calculus for multiparty sessions with delegation, enriched with security levels for session participants and data. We propose a type system that guarantees both session safety and a form of access control. Moreover, this type system ensures secure information flow, including controlled forms of declassification. In particular, it prevents leaks due to the specific control constructs of the calculus, such as session opening, selection, branching and delegation. We illustrate the use of our type system with a number of examples, which reveal an interesting interplay between the constraints of security type systems and those used in session types to ensure properties like communication safety and session fidelity.

Key-words: Concurrency, communication-centred computing, session types, access control, secure information flow.

Work partially funded by the INRIA Sophia Antipolis COLOR project MATYSS, by the ANR-SETI06-010 and ANR-08-EMER-010 grants, and by the MIUR Projects DISCO and IPODS.

∗ Dipartimento di Informatica, Università di Torino, corso Svizzera 185, 10149 Torino, Italy
† INRIA Sophia Antipolis Méditerranée

inria-00511304, version 1 - 25 Aug 2010

Session types for access control and information flow security

Abstract: We study a calculus for modelling multiparty sessions with delegation, in which data and participants are equipped with security levels. We present a type system for this calculus that guarantees session safety, a form of access control and secure information flow, while permitting data to be declassified when it is transmitted. In particular, this type system prevents information leaks caused by the language's specific primitives, namely session opening, selection, branching and delegation.
We illustrate the use of our type system with a series of examples, which reveal an interesting interplay between the constraints that arise in classical security type systems and those used in session types to guarantee properties such as the absence of communication errors during a session and the conformance of a session to a given protocol.

Keywords: Concurrency, communication-centred computing, session types, access control, information flow security.
Similar resources
CAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
Typing access control and secure information flow in sessions
We consider a calculus for multiparty sessions with delegation, enriched with security levels for session participants and data. We propose a type system that guarantees both session safety and a form of access control. Moreover, this type system ensures secure information flow, including controlled forms of declassification. In particular, it prevents information leaks due to the specific cont...
A context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to the ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
Access and Mobility Policy Control at the Network Edge
The fifth generation (5G) system architecture is defined as service-based, and the core network functions are described as sets of services accessible through application programming interfaces (API). One of the components of 5G is Multi-access Edge Computing (MEC), which provides open access to radio network functions through API. Using the mobile edge API, third party analytics applications ...
Privacy Preserving Dynamic Access Control Model with Access Delegation for eHealth
eHealth is the concept of using stored digital data to achieve clinical, educational, and administrative goals and to meet the needs of patients, experts, and medical care providers. The expanding use of information technology, and in particular the Internet of Things (IoT), in eHealth raises various challenges, the most important of which is security and access control. In this re...