Abstract
In this paper we describe a language-based security model for distributed computing based on functional active objects, intended to build a basis for Distributed Information Flow Control (DIFC), and contrast it with earlier models, in particular the prominent model by Myers and Liskov. We carefully motivate the assumptions concerning secure communication in distributed object-oriented scenarios, show that they naturally lead to futures as the security abstraction of object-oriented message passing, and motivate our assumptions by an example. Finally, the stepping stones to a formal foundation of the model are summarized: the notion of visibility, the security classes, and a definition of information-flow security for distributed active objects.
References
Anderson, R.: Security Engineering – A Guide to Building Dependable Distributed Systems. Wiley (2001)
Denning, D.E.: Lattice model of secure information flow. Communications of the ACM 19(5), 236–242 (1976)
Fielding, R.T.: Architectural Styles and the Design of Network-based Software Architectures. PhD thesis, University of California, Irvine (2000)
Fleck, A., Kammüller, F.: Implementing privacy with Erlang active objects. In: 5th International Conference on Internet Monitoring and Protection, ICIMP 2010. IEEE (2010)
Gollmann, D.: Computer Security. McGraw-Hill (2008)
Halstead Jr., R.H.: Multilisp: A language for concurrent symbolic computation. ACM Transactions on Programming Languages and Systems (TOPLAS) 7(4), 501–538 (1985)
Heller, J.: Catch-22. Vintage (1994), 1961
Harris, W.R., Jha, S., Reps, T.: DIFC programs by automatic instrumentation. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, pp. 284–296. ACM, New York (2010)
Henrio, L., Kammüller, F., Lutz, B.: ASPfun: A typed functional active object calculus. Science of Computer Programming (2011) (in print)
Kammüller, F.: Privacy Enforcement and Analysis for Functional Active Objects. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds.) DPM 2010 and SETOP 2010. LNCS, vol. 6514, pp. 93–107. Springer, Heidelberg (2011)
Myers, A.C., Liskov, B.: A decentralized model for information flow control. In: Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles, SOSP 1997, pp. 129–142. ACM, New York (1997)
Myers, A.C.: JFlow: Practical mostly-static information flow control. In: 26th ACM Symposium on Principles of Programming Languages, POPL 1999 (1999)
Sabelfeld, A., Mantel, H.: Securing Communication in a Concurrent Language. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 376–394. Springer, Heidelberg (2002)
Weissmann, C.: Security controls in the ADEPT-50 timesharing system. In: AFIPS Conference, pp. 119–133. FJCC (1969)
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kammueller, F. (2012). A Security Model for Functional Active Objects. In: Cipolla-Ficarra, F., Veltman, K., Cipolla-Ficarra, M., Kratky, A. (eds) Communicability, Computer Graphics and Innovative Design for Interactive Systems. CCGIDIS 2011. Lecture Notes in Computer Science, vol 7545. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33760-4_4
DOI: https://doi.org/10.1007/978-3-642-33760-4_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33759-8
Online ISBN: 978-3-642-33760-4
eBook Packages: Computer Science (R0)