[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content

Dynamic Access Control in a Concurrent Object Calculus

  • Conference paper
CONCUR 2006 – Concurrency Theory (CONCUR 2006)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 4137))

Included in the following conference series:

Abstract

We develop a variant of Gordon and Hankin’s concurrent object calculus with support for flexible access control on methods. We investigate safe administration and access of shared resources in the resulting language. Specifically, we show a static type system that guarantees safe manipulation of objects with respect to dynamic specifications, where such specifications are enforced via access changes on the underlying methods at runtime. By labeling types with secrecy groups, we show that well-typed systems preserve their secrets amidst dynamic access control and untrusted environments.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 71.50
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 89.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Abadi, M., Blanchet, B.: Secrecy types for asymmetric communication. Theoretical Computer Science 298(3), 387–415 (2003)

    Article  MathSciNet  MATH  Google Scholar 

  2. Abadi, M., Cardelli, L.: An imperative object calculus. In: Mosses, P.D., Schwartzbach, M.I., Nielsen, M. (eds.) CAAP 1995, FASE 1995, and TAPSOFT 1995. LNCS, vol. 915, pp. 471–485. Springer, Heidelberg (1995)

    Google Scholar 

  3. Banerjee, A., Naumann, D.: Using access control for secure information flow in a Java-like language. In: CSFW 2003: Computer Security Foundations Workshop, pp. 155–169. IEEE, Los Alamitos (2003)

    Chapter  Google Scholar 

  4. Blasio, P.D., Fisher, K.: A calculus for concurrent objects. In: Sassone, V., Montanari, U. (eds.) CONCUR 1996. LNCS, vol. 1119, pp. 655–670. Springer, Heidelberg (1996)

    Google Scholar 

  5. Di Blasio, P., Fisher, K., Talcott, C.: A control-flow analysis for a calculus of concurrent objects. IEEE Transactions on Software Engineering 26(7), 617–634 (2000)

    Article  Google Scholar 

  6. Braghin, C., Gorla, D., Sassone, V.: A distributed calculus for role-based access control. In: CSFW 2004: Computer Security Foundations Workshop, pp. 48–60. IEEE, Los Alamitos (2004)

    Google Scholar 

  7. Bugliesi, M., Castagna, G., Crafa, S.: Access control for mobile agents: The calculus of boxed ambients. ACM Transactions on Programming Languages and Systems 26(1), 57–124 (2004)

    Article  Google Scholar 

  8. Bugliesi, M., Colazzo, D., Crafa, S.: Type based discretionary access control. In: Gardner, P., Yoshida, N. (eds.) CONCUR 2004. LNCS, vol. 3170, pp. 225–239. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  9. Cardelli, L., Ghelli, G., Gordon, A.D.: Secrecy and group creation. Information and Computation 196(2), 127–155 (2005)

    Article  MathSciNet  MATH  Google Scholar 

  10. Chaudhuri, A., Abadi, M.: Secrecy by typing and file-access control. In: CSFW 2006: Computer Security Foundations Workshop. IEEE, Los Alamitos (to appear, 2006)

    Google Scholar 

  11. Coquand, T.: Pattern matching with dependent types. In: Workshop on Types for Proofs and Programs, Electronic proceedings (1992)

    Google Scholar 

  12. Flanagan, C.: Hybrid type checking. In: POPL 2006: Principles of programming languages, pp. 245–256. ACM, New York (2006)

    Google Scholar 

  13. Flanagan, C., Abadi, M.: Object Types against Races. In: Baeten, J.C.M., Mauw, S. (eds.) CONCUR 1999. LNCS, vol. 1664, pp. 288–303. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  14. Gordon, A.D., Hankin, P.D.: A concurrent object calculus: Reduction and typing. In: HLCL 1998: High-Level Concurrent Languages, pp. 248–264. Elsevier, Amsterdam (1998)

    Google Scholar 

  15. Gordon, A.D., Jeffrey, A.: Secrecy Despite Compromise: Types, Cryptography, and the Pi-Calculus. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, pp. 186–201. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  16. Gorla, D., Pugliese, R.: Resource access and mobility control with dynamic privileges acquisition. In: Baeten, J.C.M., Lenstra, J.K., Parrow, J., Woeginger, G.J. (eds.) ICALP 2003. LNCS, vol. 2719, pp. 119–132. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. Haack, C., Jeffrey, A.: Timed spi-calculus with types for secrecy and authenticity. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, pp. 202–216. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  18. Hamlen, K.W., Morrisett, G., Schneider, F.B.: Certified in-lined reference monitoring on .NET. In: PLAS 2006: Programming Languages and Analysis for Security. ACM, New York (to appear, 2006)

    Google Scholar 

  19. Hawblitzel, C., von Eicken, T.: Type system support for dynamic revocation. In: Workshop on Compiler Support for System Software, Electronic proceedings (1999)

    Google Scholar 

  20. Hennessy, M., Merro, M., Rathke, J.: Towards a Behavioural Theory of Access and Mobility Control in Distributed Systems. In: Gordon, A.D. (ed.) FOSSACS 2003. LNCS, vol. 2620, pp. 282–298. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  21. Hennessy, M., Riely, J.: Resource access control in systems of mobile agents. In: HLCL 1998: High-Level Concurrent Languages, pp. 174–188. Elsevier, Amsterdam (1998)

    Google Scholar 

  22. Hennessy, M., Riely, J.: Information flow vs. resource access in the asynchronous pi-calculus. ACM Transactions on Programming Languages and Systems 24(5), 566–591 (2002)

    Article  Google Scholar 

  23. Kirli, Z.D.: Confined mobile functions. In: CSFW 2001: Computer Security Foundations Workshop, pp. 283–294. IEEE, Los Alamitos (2001)

    Google Scholar 

  24. Kleist, J., Sangiorgi, D.: Imperative objects as mobile processes. Science of Computer Programming 44(3), 293–342 (2002)

    Article  MathSciNet  MATH  Google Scholar 

  25. Miklau, G., Suciu, D.: Controlling access to published data using cryptography. In: VLDB 2003, pp. 898–909. Springer, Heidelberg (2003)

    Google Scholar 

  26. Milner, R., Tofte, M., Harper, R., MacQueen, D.: The Definition of Standard ML (Revised). MIT Press, Cambridge (1997)

    Google Scholar 

  27. Myers, A., Sabelfeld, A., Zdancewic, S.: Enforcing robust declassification. In: CSFW 2004: Computer Security Foundations Workshop, pp. 172–186. IEEE, Los Alamitos (2004)

    Google Scholar 

  28. Nicola, R.D., Ferrari, G., Pugliese, R., Venneri, B.: Types for access control. Theoretical Computer Science 240(1), 215–254 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  29. Pottier, F., Skalka, C., Smith, S.: A systematic approach to static access control. ACM Transactions on Programming Languages and Systems 27(2), 344–382 (2005)

    Article  Google Scholar 

  30. Redell, D.D.: Naming and protection in extendible operating systems. Technical Report 140, Project MAC, MIT (1974)

    Google Scholar 

  31. Schneider, F.B.: Enforceable security policies. ACM Transactions on Information and System Security 3(1), 30–50 (2000)

    Article  Google Scholar 

  32. Vasconcelos, V.T.: Typed Concurrent Objects. In: Tokoro, M., Pareschi, R. (eds.) ECOOP 1994. LNCS, vol. 821, pp. 100–117. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  33. Zheng, L., Myers, A.: Dynamic security labels and noninterference. In: FAST 2004: Formal Aspects in Security and Trust, pp. 27–40. Springer, Heidelberg (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chaudhuri, A. (2006). Dynamic Access Control in a Concurrent Object Calculus. In: Baier, C., Hermanns, H. (eds) CONCUR 2006 – Concurrency Theory. CONCUR 2006. Lecture Notes in Computer Science, vol 4137. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11817949_18

Download citation

  • DOI: https://doi.org/10.1007/11817949_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-37376-6

  • Online ISBN: 978-3-540-37377-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics