Abstract
This paper addresses the issue of confidentiality and declassification for global computing from a language-based security perspective. The purpose is to deal with new forms of security leaks, which we call migration leaks, introduced by code mobility. We present a generalization of the non-disclosure policy [AB05] to networks, and a type and effect system for enforcing it. We consider an imperative higher-order lambda-calculus with concurrent threads and a flow declaration construct, enriched with a notion of domain and a standard migration primitive.
References
Almeida Matos, A., Boudol, G.: On declassification and the nondisclosure policy. In: CSFW (2005)
Almeida Matos, A., Boudol, G., Castellani, I.: Typing noninterference for reactive programs. In: FCS. TUCS General Publications, vol. 31 (2004)
Boudol, G., Castellani, I.: Noninterference for concurrent programs and thread systems. Theoretical Computer Science 281(1), 109–130 (2002)
Bugliesi, M., Castagna, G., Crafa, S.: Boxed ambients. In: Kobayashi, N., Pierce, B.C. (eds.) TACS 2001. LNCS, vol. 2215, p. 38. Springer, Heidelberg (2001)
Boudol, G., Castellani, I., Germain, F., Lacoste, M.: Analysis of formal models of distribution and mobility: state of the art. Mikado D1.1.1 (2002)
Boudol, G.: ULM, a core programming model for global computing. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 234–248. Springer, Heidelberg (2004)
Boudol, G.: On typing information flow. In: Van Hung, D., Wirsing, M. (eds.) ICTAC 2005. LNCS, vol. 3722, pp. 366–380. Springer, Heidelberg (2005)
Crafa, S., Bugliesi, M., Castagna, G.: Information flow security for boxed ambients. In: F-WAN. ENTCS, vol. 66(3) (2002)
Denning, D.E.: A lattice model of secure information flow. Communications of the ACM 19(5), 236–243 (1976)
Goguen, J.A., Meseguer, J.: Security policies and security models. In: Symposium on Security and Privacy (1982)
Hennessy, M., Riely, J.: Information flow vs resource access in the asynchronous pi-calculus. In: Welzl, E., Montanari, U., Rolim, J.D.P. (eds.) ICALP 2000. LNCS, vol. 1853, p. 415. Springer, Heidelberg (2000)
Honda, K., Vasconcelos, V., Yoshida, N.: Secure information flow as typed process behaviour. In: Smolka, G. (ed.) ESOP 2000. LNCS, vol. 1782, p. 180. Springer, Heidelberg (2000)
Lucassen, J.M., Gifford, D.K.: Polymorphic effect systems. In: POPL (1988)
Myers, A., Liskov, B.: Complete, safe information flow with decentralized labels. In: Symposium on Security and Privacy (1998)
Sabelfeld, A.: The impact of synchronization on secure information flow in concurrent programs. In: Andrei Ershov International Conference on Perspectives of System Informatics (2001)
Sabelfeld, A., Mantel, H.: Static confidentiality enforcement for distributed programs. In: CCL 1999. LNCS, vol. 2477 (2002)
Sabelfeld, A., Myers, A.: Language-based information-flow security. Journal on Selected Areas in Communications 21(1) (2003)
Smith, G.: A new type system for secure information flow. In: CSFW (2001)
Sabelfeld, A., Sands, D.: Dimensions and principles of declassification. In: CSFW (2005)
Smith, G., Volpano, D.: Secure information flow in a multi-threaded imperative language. In: POPL (1998)
Volpano, D., Smith, G., Irvine, C.: A sound type system for secure flow analysis. Journal of Computer Security 4(3) (1996)
Zdancewic, S., Zheng, L., Nystrom, N., Myers, A.C.: Secure program partitioning. ACM Transactions in Computer Systems 20(3), 283–328 (2002)
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Matos, A.A. (2005). Non-disclosure for Distributed Mobile Code. In: Sarukkai, S., Sen, S. (eds) FSTTCS 2005: Foundations of Software Technology and Theoretical Computer Science. FSTTCS 2005. Lecture Notes in Computer Science, vol 3821. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11590156_14
DOI: https://doi.org/10.1007/11590156_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30495-1
Online ISBN: 978-3-540-32419-5
eBook Packages: Computer Science, Computer Science (R0)