CINECA IRIS Institutional Research Information System
IRIS è la soluzione IT che facilita la raccolta e la gestione dei dati relativi alle attività e ai prodotti della ricerca. Fornisce a ricercatori, amministratori e valutatori gli strumenti per monitorare i risultati della ricerca, aumentarne la visibilità e allocare in modo efficace le risorse disponibili.
EnglishA static approach is proposed to study secure composition of software. We extend the λ calculus with primitives for invoking services that respect given security requirements. Security critical code is enclosed in policy fram-ings with a possibly nested, local scope. Policy framings enforce safety and liveness properties of execution histo-ries. The actual histories that can occur at runtime are over-approximated by a type and effect system. These ap- proximations are model-checked to verify policy framings within their scopes. This allows for removing any run- time execution monitor, and for selecting those services that match the security requirements.
| Titolo: | Enforcing Secure Service Composition | |
| Autori interni: | ||
| Anno del prodotto: | 2005 | |
| Abstract: | A static approach is proposed to study secure composition of software. We extend the λ calculus with primitives for invoking services that respect given security requirements. Security critical code is enclosed in policy fram-ings with a possibly nested, local scope. Policy framings enforce safety and liveness properties of execution histo-ries. The actual histories that can occur at runtime are over-approximated by a type and effect system. These ap- proximations are model-checked to verify policy framings within their scopes. This allows for removing any run- time execution monitor, and for selecting those services that match the security requirements. | |
| Handle: | http://hdl.handle.net/11568/193293 | |
| ISBN: | 0769523404 | |
| Appare nelle tipologie: | 4.1 Contributo in Atti di convegno |
File in questo prodotto:
http://hdl.handle.net/11568/193293
Copyright © 2021