A static approach is proposed to study secure composition of software. We extend the λ calculus with primitives for invoking services that respect given security requirements. Security critical code is enclosed in policy fram-ings with a possibly nested, local scope. Policy framings enforce safety and liveness properties of execution histo-ries. The actual histories that can occur at runtime are over-approximated by a type and effect system. These ap- proximations are model-checked to verify policy framings within their scopes. This allows for removing any run- time execution monitor, and for selecting those services that match the security requirements.
Titolo: | Enforcing Secure Service Composition |
Autori interni: | |
Anno del prodotto: | 2005 |
Abstract: | A static approach is proposed to study secure composition of software. We extend the λ calculus with primitives for invoking services that respect given security requirements. Security critical code is enclosed in policy fram-ings with a possibly nested, local scope. Policy framings enforce safety and liveness properties of execution histo-ries. The actual histories that can occur at runtime are over-approximated by a type and effect system. These ap- proximations are model-checked to verify policy framings within their scopes. This allows for removing any run- time execution monitor, and for selecting those services that match the security requirements. |
Handle: | http://hdl.handle.net/11568/193293 |
ISBN: | 0769523404 |
Appare nelle tipologie: | 4.1 Contributo in Atti di convegno |