Secure composition of untrusted code: box π, wrappers, and causality types
作者: Peter Sewell , Jan Vitek
关键词: The Internet 、 Distributed computing 、 Component-based software engineering 、 Software system 、 Pipeline (software) 、 Information flow (information theory) 、 Security policy 、 Property (programming) 、 Code (cryptography) 、 Computer science
摘要: Software systems are becoming heterogeneous: instead of a small number large programs from well-established sources, user's desktop may now consist many smaller components that interact in intricate ways. Some will be downloaded the network sources only partially trusted. A user would like to know security properties hold, e.g., personal data is not leaked net, but it typically infeasible verify such well-behaved. Instead, they must executed secure environment provides fine-grain control allowable interactions between them, and other system resources.In this paper, we consider problem assembling concurrent software untrusted or trusted off-the-shelf components, using wrapper encapsulate enforce policies. We introduce model programming language, box-π calculus, supports composition enforcement information flow Several example wrappers expressed calculus; explore delicate guarantee. present novel causal type statically captures allowed flows wrapped possibly-badly-typed components; use prove an ordered pipeline enforces property.
scilit.net参考文章(41)
Eric A. Brewer, David Wagner, Ian Goldberg, Randi Thomas, A secure environment for untrusted helper applications confining the Wily Hacker usenix security symposium. pp. 1- 1 ,(1996)
Roberto M. Amadio, Ilaria Castellani, Davide Sangiorgi, On bisimulations of the asynchronous p-calculus international conference on concurrency theory. ,vol. 195, pp. 291- 324 ,(1998) , 10.1016/S0304-3975(97)00223-5
Jan Vitek, Giuseppe Castagna, Seal: A Framework for Secure Mobile Computations Lecture Notes in Computer Science. pp. 47- 77 ,(1998) , 10.1007/3-540-47959-7_3
Andrei Sabelfeld, David Sands, A Per Model of Secure Information Flow in Sequential Programs european symposium on programming. pp. 40- 58 ,(1999) , 10.1007/3-540-49099-X_4
Peter Sewell, Pawel T. Wojciechowski, Benjamin C. Pierce, Location-Independent Communication for Mobile Agents: A Two-Level Architecture Lecture Notes in Computer Science. pp. 1- 31 ,(1998) , 10.1007/3-540-47959-7_1
Pierpaolo Degano, Corrado Priami, Causality for Mobile Processes international colloquium on automata languages and programming. ,vol. 944, pp. 660- 671 ,(1995) , 10.1007/3-540-60084-1_113
José-Luis Vivas, Mads Dam, From Higher-Order pi-Calculus to pi-Calculus in the Presence of Static Operators international conference on concurrency theory. pp. 115- 130 ,(1998) , 10.1007/BFB0055619
George C. Necula, Peter Lee, Safe, Untrusted Agents Using Proof-Carrying Code Mobile Agents and Security. pp. 61- 91 ,(1998) , 10.1007/3-540-68671-1_5
Kohei Honda, Mario Tokoro, An Object Calculus for Asynchronous Communication european conference on object oriented programming. pp. 133- 147 ,(1991) , 10.1007/BFB0057019
Cédric Fournet, Georges Gonthier, Jean-Jacques Levy, Luc Maranget, Didier Rémy, A Calculus of Mobile Agents international conference on concurrency theory. pp. 406- 421 ,(1996) , 10.1007/3-540-61604-7_67