Checking Risky Events Is Enough for Local Policies

14 years 5 months ago

Download www.di.unipi.it

Abstract. An extension of the λ-calculus is proposed to study historybased access control. It allows for parametrized security policies with a possibly nested, local scope. To govern the rich interplay between local policies, we propose a combination of static analysis and dynamic checking. A type and eﬀect system extracts from programs a correct approximation to the histories obtainable at run-time. A further static analysis over these approximations determines how to instrument code so to enforce the desired security constraints. The execution monitor, based on ﬁnite-state automata, runs eﬃciently the instrumented code.

Massimo Bartoletti, Pierpaolo Degano, Gian Luigi F

Real-time Traffic

Historybased Access Control | ICTCS 2005 | Parametrized Security Policies | Static Analysis |

claim paper

Post Info
More Details (n/a)

Added	27 Jun 2010
Updated	27 Jun 2010
Type	Conference
Year	2005
Where	ICTCS
Authors	Massimo Bartoletti, Pierpaolo Degano, Gian Luigi Ferrari

Comments (0)

Sciweavers

Checking Risky Events Is Enough for Local Policies

Historybased Access Control | ICTCS 2005 | Parametrized Security Policies | Static Analysis |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers