Abstract
The growing importance of service-oriented computing has triggered development of formal computational models for service description and orchestration. Several versions of the Service Centered Calculus (SCC) and its successor, the Calculus of Services with Pipelines and Sessions (CaSPiS) have emerged as outcome of those studies, and are based on the notion of interaction patterns called sessions between the service and the client who invokes it. We propose a security oriented extension of Bruni and Mezzina’s typed variant of CaSPiS, where security levels have been assigned to service definitions, clients and data. In order to invoke a service, a client must be endowed with an appropriate clearance, and once the service and client agree on the security level, the data exchanged in the initiated session will not exceed this level. We study a type system that statically ensures these security properties.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Acciai, L., Boreale, M.: A Type System for Client Progress in a Service-Oriented Calculus. In: Degano, P., De Nicola, R., Meseguer, J. (eds.) Concurrency, Graphs and Models. LNCS, vol. 5065, pp. 642–658. Springer, Heidelberg (2008)
Banerjee, A., Naumann, D.A.: A Simple Semantics and Static Analysis for Java Security. Technical Report 2001-1, Stevens Institute of Technology (2001)
Bell, D.E., LaPadula, L.J.: Secure Computer Systems: Mathematical Foundations. Technical Report MTR-2547, Vol. 1, MITRE Corp., Bedford, MA (1973)
Bonelli, E., Compagnoni, A., Gunter, E.: Correspondence assertions for process synchronization in concurrent communications. J. Funct. Program. 15(2), 219–247 (2005)
Boreale, M., Bruni, R., Nicola, R.D., Lanese, I., Loreti, M., Montanari, U., Sangiorgi, D., Zavattaro, G.: SCC: a Service Centered Calculus. In: ACSAC 2006. LNCS, vol. 4186, pp. 38–57. Springer, Heidelberg (2006)
Boreale, M., Bruni, R., Nicola, R.D., Loreti, M.: Sessions and Pipelines for Structured Service Programming. In: Barthe, G., de Boer, F.S. (eds.) FMOODS 2008. LNCS, vol. 5051, pp. 19–38. Springer, Heidelberg (2008)
Boudol, G., Kolundzija, M.: Access Control and Declassification. In: Computer Network Security. CCIS, vol. 1, pp. 85–98. Springer, Heidelberg (2007)
Bruni, R., Mezzina, L.G.: Types and Deadlock Freedom in a Calculus of Services, Sessions and Pipelines. In: Meseguer, J., Roşu, G. (eds.) AMAST 2008. LNCS, vol. 5140, pp. 100–115. Springer, Heidelberg (2008)
Denning, D.E.: A lattice model of secure information flow. Comm. of the ACM 19(5), 236–243 (1976)
Dezani-Ciancaglini, M., de’ Liguoro, U., Yoshida, N.: On Progress for Structured Communications. In: Barthe, G., Fournet, C. (eds.) TGC 2007 and FODO 2008. LNCS, vol. 4912, pp. 257–275. Springer, Heidelberg (2008)
Dezani-Ciancaglini, M., Mostrous, D., Yoshida, N., Drossopoulou, S.: Session Types for Object-Oriented Languages. In: Thomas, D. (ed.) ECOOP 2006. LNCS, vol. 4067, pp. 328–352. Springer, Heidelberg (2006)
Fournet, C., Gordon, A.D.: Stack Inspection: Theory and Variants. In: POPL 2002, pp. 307–318 (2002)
Gay, S., Hole, M.: Subtyping for Session Types in the pi Calculus. Acta Inf. 42(2), 191–225 (2005)
Honda, K., Vasconcelos, V.T., Kubo, M.: Language Primitives and Type Disciplines for Structured Communication-based Programming. In: Hankin, C. (ed.) ESOP 1998. LNCS, vol. 1381, pp. 122–138. Springer, Heidelberg (1998)
Kitchin, D., Cook, W.R., Misra, J.: A Language for Task Orchestration and Its Semantic Properties. In: Baier, C., Hermanns, H. (eds.) CONCUR 2006. LNCS, vol. 4137, pp. 477–491. Springer, Heidelberg (2006)
Lanese, I., Vasconcelos, V.T., Martins, F., Ravara, A.: Disciplining Orchestration and Conversation in Service-Oriented Computing. In: SEFM 2007, pp. 305–314. IEEE Computer Society Press, Los Alamitos (2007)
Lapadula, A., Pugliese, R., Tiezzi, F.: A Calculus for Orchestration of Web Services. In: De Nicola, R. (ed.) ESOP 2007. LNCS, vol. 4421, pp. 33–47. Springer, Heidelberg (2007)
Pottier, F., Skalka, C., Smith, S.: A Systematic Approach to Static Access Control. ACM TOPLAS 27(2) (2005)
Skalka, C., Smith, S.: Static Enforcement of Security with Types. ACM SIGPLAN Notices 35(9), 34–45 (2000)
Volpano, D., Smith, G., Irvine, C.: A Sound Type System for Secure Flow Analysis. J. Computer Security 4(3), 167–187 (1996)
Zdancewic, S.: Programming Languages for Information Security. PhD thesis, Cornell University (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kolundžija, M. (2009). Security Types for Sessions and Pipelines. In: Bruni, R., Wolf, K. (eds) Web Services and Formal Methods. WS-FM 2008. Lecture Notes in Computer Science, vol 5387. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01364-5_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-01364-5_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01363-8
Online ISBN: 978-3-642-01364-5
eBook Packages: Computer ScienceComputer Science (R0)