A Language for Safe Capability Based Collaboration

Authors: Yves Jaradin, Peter Van Roy, Fred Spiessens

Abstract: In capability-secure systems it is important to understand the restrictive influence that programmed entities (e.g. procedures, objects, modules, components) have on the propagation of authority in a program. We explain why Take-Grant systems are not sufficiently expressive for this task, and we provide a new formalism, Authority Reduction systems (AR-systems), to model collaborative propagation. AR-systems are safe, tractable approximations with adequate precision for the confinement properties of configurations of collaborating entities. We propose a domain-specific declarative language, SCOLL (Safe COLlaboration Language), to express the behavior of subjects, the initial conditions of a configuration, and the requirements about liveness that must be ensured. We give the syntactic structure and an operational and denotational semantics of the language. From experiments with a first implementation, preliminary results show how patterns of capability-based collaboration can be analyzed and generated.
