Enforcing Security Policies via Types
Daniele Gorla and Rosario Pugliese
Short version
in 1st International Conference on Security in Pervasive Computing
(SPC '03),
Boppard (Germany), March 12-14, 2003.
Full version
as Tech. Rep. 05/2004, Dip. di Informatica, Univ. di Roma "La Sapienza".
Abstract:
Security is a key issue for distributed systems/applications with
code mobility, like, e.g., e-commerce and on-line bank
transactions. In a scenario with code mobility, traditional
solutions based on cryptography cannot deal with all security
issues and additional mechanisms are necessary.
In this paper, we present a flexible and expressive type system
for security for a calculus of distributed and mobile processes.
By using a combination of static and dynamic checks, type safety
and well-typedness preservation can be guaranteed, thus enforcing
specific security policies on the use of resources. The usefulness
of our approach will be shown by modeling the simplified behaviour
of a bank account management system.
@InProceedings{GP:SPC03,
author = {D. Gorla and R. Pugliese},
title = {Enforcing Security Policies via Types},
editor = {D. Hutter et al.},
booktitle = {Proc. of 1st Intern.Conf. on Security in Pervasive Computing (SPC'03)},
series = {LNCS},
volume = {2802},
pages = {86--100},
year = {2003},
publisher = {Springer},
}
Home page /
Publications