A Semi-lattice Model for Multi-lateral Security

  • Conference paper
Data Privacy Management and Autonomous Spontaneous Security (DPM 2012, SETOP 2012)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7731)

Abstract

In this paper, we present a new security model for distributed active objects. This model emphasizes the aspects of decentralisation and private data of objects. We consider principals as active objects, thereby amalgamating subjects and objects into one concept and providing a simple, uniform security model based on the visibility of objects and an object-local security specification of method accessibility. Decentralized security policies are possible in which every principal has some data that is inaccessible to others. We introduce this new security model algebraically as a semi-lattice, contrasting it with the foundations of lattice-based security models similar to Denning’s work. As a proof of concept, we show how the model can be naturally interpreted for a calculus of active objects.

References

  1. Abadi, M., Cardelli, L.: A Theory of Objects. Springer, New York (1996)

  2. Agha, G., Mason, I.A., Smith, S.F., Talcott, C.L.: Towards a Theory of Actor Computation (Extended Abstract). In: Cleaveland, W.R. (ed.) CONCUR 1992. LNCS, vol. 630, pp. 565–579. Springer, Heidelberg (1992)

  3. Alpízar, R., Smith, G.: Secure Information Flow for Distributed Systems. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 126–140. Springer, Heidelberg (2010)

  4. Anderson, R.: Security Engineering – A Guide to Building Dependable Distributed Systems. Wiley (2001)

  5. Attali, I., Caromel, D., Henrio, L., Aguila, F.L.D.: Secured information flow for asynchronous sequential processes. ENTCS 180(1), 17–34 (2007)

  6. Banerjee, A., Naumann, D.A.: Stack-based access control for secure information flow. Journal of Functional Programming 15(2) (2003)

  7. Caromel, D., Delbé, C., di Costanzo, A., Leyton, M.: ProActive: an integrated platform for programming and running applications on grids and P2P systems. Computational Methods in Science and Technology 12(1), 69–77 (2006)

  8. Caromel, D., Henrio, L., Serpette, B.P.: Asynchronous and deterministic objects. In: Principles of Programming Languages, POPL 2004. ACM Press (2004)

  9. Davey, B.A., Priestley, H.A.: Introduction to Lattices and Order, 2nd edn. Cambridge University Press (2002)

  10. Denning, D.E.: Lattice model of secure information flow. Communications of the ACM 19(5), 236–242 (1976)

  11. Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Communications of the ACM 20(7) (1977)

  12. Fenton, J.S.: Information protection systems. PhD thesis, Univ. Cambridge (1973)

  13. Fleck, A., Kammüller, F.: A security model for functional active objects with an implementation in erlang. In: Computational Informatics, Blue Herons (2011)

  14. Halstead Jr., R.H.: Multilisp: A language for concurrent symbolic computation. ACM Transactions on Programming Languages and Systems 7(4), 501–538 (1985)

  15. Henrio, L., Kammüller, F., Lutz, B.: Aspfun: A typed functional active object calculus. Science of Computer Programming 77(7-8), 823–847 (2012)

  16. Hutter, D., Mantel, H., Schaefer, I., Schairer, A.: Security of multi-agent systems: A case study on comparison shopping. J. Applied Logic 5(2), 303–332 (2007)

  17. Kammüller, F.: Using functional active objects to enforce privacy. In: 5th Conf. on Network Architectures and Information Systems Security, SAR-SSI 2010 (2010)

  18. Kammüller, F.: Privacy Enforcement and Analysis for Functional Active Objects. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds.) DPM 2010 and SETOP 2010. LNCS, vol. 6514, pp. 93–107. Springer, Heidelberg (2011)

  19. Kammüller, F.: Information Flow Control for Functional Active Objects (May 2012), http://user.cs.tu-berlin.de/~flokam/proofs.pdf

  20. Kogan, B., Jajodia, S.: An audit model for object-oriented databases. In: 7th Annual Computer Security Applications Conf., ACSAC 1991, pp. 90–99 (1991)

  21. Mantel, H., Sabelfeld, A.: A unifying approach to the security of distributed and multi-threaded programs. J. Computer Security 11, 2003 (2002)

  22. Myers, A.C., Liskov, B.: A decentralized model for information flow control. In: SOSP 1997. ACM (1997)


© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kammüller, F. (2013). A Semi-lattice Model for Multi-lateral Security. In: Di Pietro, R., Herranz, J., Damiani, E., State, R. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2012 2012. Lecture Notes in Computer Science, vol 7731. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35890-6_9

  • DOI: https://doi.org/10.1007/978-3-642-35890-6_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35889-0

  • Online ISBN: 978-3-642-35890-6

  • eBook Packages: Computer Science, Computer Science (R0)
