Checking Risky Events Is Enough for Local Policies

15 years 10 months ago

Download www.di.unipi.it

Abstract. An extension of the λ-calculus is proposed to study historybased access control. It allows for parametrized security policies with a possibly nested, local scope. To govern the rich interplay between local policies, we propose a combination of static analysis and dynamic checking. A type and eﬀect system extracts from programs a correct approximation to the histories obtainable at run-time. A further static analysis over these approximations determines how to instrument code so to enforce the desired security constraints. The execution monitor, based on ﬁnite-state automata, runs eﬃciently the instrumented code.

Massimo Bartoletti, Pierpaolo Degano, Gian Luigi F

Real-time Traffic

Historybased Access Control | ICTCS 2005 | Parametrized Security Policies | Static Analysis |

claim paper

» Relaxed Currency and Consistency How to Say Good Enough in SQL

» Verifying the performance of the PCI local bus using symbolic techniques

» Execution Strategies for PTIDES a Programming Model for Distributed Embedded Systems

» Error Explanation with Distance Metrics

» Information Flow Control Revisited Noninfluence Noninterference Nonleakage

Post Info
More Details (n/a)

Added	27 Jun 2010
Updated	27 Jun 2010
Type	Conference
Year	2005
Where	ICTCS
Authors	Massimo Bartoletti, Pierpaolo Degano, Gian Luigi Ferrari

Comments (0)

Sciweavers

Checking Risky Events Is Enough for Local Policies

Historybased Access Control | ICTCS 2005 | Parametrized Security Policies | Static Analysis |

Explore & Download

Productivity Tools

Sciweavers