A Type Inference Algorithm for Secure Ambients
Authors
Abstract
We consider a type discipline for the Ambient Calculus that associates ambients with security levels and constrains them to be traversed by or opened in ambients of higher security clearance only. We present a bottom-up algorithm that, given an untyped process P, computes a minimal set of constraints on security levels such that all actions during runs of P are performed without violating the security level priorities. Such an algorithm appears to be a prerequisite for using type systems to ensure security properties in the web scenario.
Similar sources
Type inference for local typing of mobile ambients
A type inference algorithm for the local type system for mobile ambients of [CDCGP04] is presented. It is obtained by applying a combination of techniques to the original typing rules, including a constraint handling and simplification procedure, which is mainly based on unification. The algorithm employs type schemes and therefore is, in a sense, more general than the original system. The infe...
Behavioural typing for safe ambients
We introduce a typed variant of Safe Ambients, named Secure Safe Ambients (SSA), whose type system allows behavioral invariants of ambients to be expressed and verified. The most significant aspect of the type system is its ability to capture both explicit and implicit process and ambient behavior: process types account not only for immediate behavior, but also for the behavior r...
Type Inference for PolyA
We present an automatic type inference algorithm for PolyA, a type system for Mobile Ambients presented in earlier work by us together with Torben Amtoft. We present not only a basic inference algorithm, but also several optimizations to it aimed at reducing the size of the inferred types. The final algorithm has been implemented and verified to work on small examples. We discuss some small pro...
Secure Safe Ambients and JVM Security
Safe Ambients are a variant of Cardelli and Gordon’s Mobile Ambients [CG98] proposed by Levi and Sangiorgi in [LS00]. The two calculi differ in the underlying notion of interaction: in Mobile Ambients interaction between ambients are “one-sided”, in that one of the two partners in a move or open action simply undergoes the action. In Safe ambients, instead, the reduction relation requires actio...
Boundary Inference for Enforcing Security Policies in Mobile Ambients
The notion of “boundary ambient” has been recently introduced to model multilevel security policies in the scenario of mobile systems, within pure Mobile Ambients calculus. Information flow is defined in terms of the possibility for a confidential ambient/data to move outside a security boundary, and boundary crossings can be captured through a suitable Control Flow Analysis. We show that this ...
Journal title:
- Electr. Notes Theor. Comput. Sci.
Volume 62, issue
Pages -
Publication date 2001