EnglishA static approach is proposed to study secure composition of software. We extend the λ calculus with primitives for invoking services that respect given security requirements. Security critical code is enclosed in policy fram-ings with a possibly nested, local scope. Policy framings enforce safety and liveness properties of execution histo-ries. The actual histories that can occur at runtime are over-approximated by a type and effect system. These ap- proximations are model-checked to verify policy framings within their scopes. This allows for removing any run- time execution monitor, and for selecting those services that match the security requirements.
| Titolo: | Enforcing Secure Service Composition |
| Autori: | |
| Anno del prodotto: | 2005 |
| Abstract: | A static approach is proposed to study secure composition of software. We extend the λ calculus with primitives for invoking services that respect given security requirements. Security critical code is enclosed in policy fram-ings with a possibly nested, local scope. Policy framings enforce safety and liveness properties of execution histo-ries. The actual histories that can occur at runtime are over-approximated by a type and effect system. These ap- proximations are model-checked to verify policy framings within their scopes. This allows for removing any run- time execution monitor, and for selecting those services that match the security requirements. |
| Handle: | http://hdl.handle.net/11568/193293 |
| ISBN: | 0769523404 |
| Appare nelle tipologie: | 4.1 Contributo in Atti di convegno |
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Utilizza questo identificativo per citare o creare un link a questo documento:
http://hdl.handle.net/11568/193293
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
Copyright © 2018