Abstract
Recently there has been considerable interest in programming languages that encode security policies in type declarations. Type-checking is used to determine whether a program enforces these policies. This approach enjoys many of the benefits of static type-checking, but is particularly of interest because it can enforce information flow properties such as noninterference, for which purely dynamic mechanisms are ineffective.
Enforcing information flow properties for distributed systems adds a new challenges: mutual distrust among the principals, and untrusted hosts. Our new approach, secure program partitioning, automatically rewrites a program into communicating subprograms that run securely on the set of available hosts yet collectively implement the original program. This fine-grained rewriting is based on the security types in the original program and the trust relationships among principals and hosts in the system. Computation in the original program is written in a single-host style, yet the resulting distributed system can satisfy the strong confidentiality and integrity properties specified by the program.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Myers, A. (2001). Security-Typed Languages and Distributed Computation. In: Cousot, P. (eds) Static Analysis. SAS 2001. Lecture Notes in Computer Science, vol 2126. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47764-0_28
Download citation
DOI: https://doi.org/10.1007/3-540-47764-0_28
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42314-0
Online ISBN: 978-3-540-47764-8
eBook Packages: Springer Book Archive