Principals, Policies and Keys in a Secure Distributed Programming Language
نویسندگان
چکیده
KDLM is a model of information flow control for distributed programming languages, introducing a distributed notion of selective declassification. KDLM uses type-level notions of both principals and policies to model security policies incorporating access control and information flow control, with run-time representatives based on cryptographic keys. This article addresses the question of how this control is enforced when programs cross address spaces and networks. An object calculus is introduced that extends KDLM. This uses a notion of locally opaque principal and key names in objects to transmit and enforce restrictions across address spaces, with key equality used as a form of runtime type discrimination to reveal “opaque” principal names at the receiver.
منابع مشابه
An Operational Semantics for Trust Policies
In the trust-structure model of trust management, principals specify their trusting relationships with other principals in terms of trust policies. In their paper on trust structures, Carbone et al. present a language for such policies, and provide a suitable denotational semantics. The semantics ensures that for any collection of trust policies, there is always a unique global trust-state, com...
متن کاملWhat is QCM ?
QCM stands for `Query Certi cate Manager'; it is a software system that has been developed at the University of Pennsylvania as part of the SwitchWare project on active networks. QCM is a Public Key Infrastructure (PKI) intended to support secure maintenance of distributed data sets like Access Control Lists (ACL's) or public key certi cate repositories. An ACL is a list of `principals', identi...
متن کاملRole of the Language School’s Principals in Academic Achievements
This study investigated the role of the principal in managing teaching and learning. It examined how and to whom principals distributed the management of teaching and learning. It was found that participants thought principals could improve school effectiveness most by engaging in activities that develop a good climate and ensure appropriate resources are available for instruction. There is a ...
متن کاملDecentralized Delimited Release
Decentralization is a major challenge for secure computing. In a decentralized setting, principals are free to distrust each other. The key challenge is to provide support for expressing and enforcing expressive decentralized policies. This paper focuses on declassification policies, i.e., policies for intended information release. We propose a decentralized language-independent framework for e...
متن کاملA Logical Framework for Reputation Systems
Reputation systems are meta systems that record, aggregate and distribute information about the past behaviour of principals in an application. Typically, these applications are large-scale open distributed systems where principals are virtually anonymous, and (a priori) have no knowledge about the trustworthiness of each other. Reputation systems serve two primary purposes: helping principals ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008