A Formal Model of Access Control for Mobile Interactive Devices
- in "11th European Symposium On Research In Computer Security (ESORICS’06)", Springer LNCS, 2006
Cited by 6 (0 self)
Abstract. This paper presents an access control model for programming applications in which the access control to resources can employ user interaction to obtain the necessary permissions. This model is inspired by and improves on the Java MIDP security architecture used in Java-enabled mobile telephones. We consider access control permissions with multiplicities in order to allow a permission to be used a certain number of times. An operational semantics of the model and a formal definition of what it means for an application to respect the security model are given. A static analysis which enforces the security model is defined and proved correct. A constraint solving algorithm implementing the analysis is presented.
Types and trace effects of higher order programs
- Journal of Functional Programming, 2007
Cited by 6 (2 self)
Abstract. This paper shows how type effect systems can be combined with model-checking techniques to produce powerful, automatically verifiable program logics for higher order programs. The properties verified are based on the ordered sequence of events that occur during program execution, so-called event traces. Our type and effect systems infer conservative approximations of the event traces arising at run-time, and model-checking techniques are used to verify logical properties of these histories. Our language model is based on the λ-calculus. Technical results include a type inference algorithm for a polymorphic type effect system, and a method for applying known model-checking techniques to the trace effects inferred by the type inference algorithm, allowing static enforcement of history- and stack-based security mechanisms. A type safety result is proven for both unification and subtyping constraint versions of the type system, ensuring that statically well-typed programs do not contain trace event checks that can fail at run-time.
Verifying Resource Access Control on Mobile Interactive Devices
- 2008
Cited by 2 (0 self)
A model of resource access control is presented in which the access control to resources can employ user interaction to obtain the necessary permissions. This model is inspired by and improves on the Java security architecture used in Java-enabled mobile telephones. We extend the Java model to include access control permissions with multiplicities in order to allow a permission to be used a certain number of times. We define a program model based on control flow graphs together with its operational semantics and provide a formal definition of the basic security policy to enforce, viz. that an application will always ask for a permission before using it to access a resource. A static analysis which enforces the security policy is defined and proved correct. A constraint solving algorithm implementing the analysis is presented.
HRBAC: Historical Role-Based Access Control
Abstract: Among access control models, role-based access control (RBAC) is very useful and is used in many computer systems. This model is continuously under development. Most extensions of the RBAC model are based on the current information, such as the currently existing users and the user-role assignments. However, the previous information, such as the deleted users and the user-role de-assignments, is necessary in order to satisfy some demands and policies. This requirement has not been addressed in various existing extensions of the RBAC model. For this purpose, we propose historical role-based access control (HRBAC) in this paper. The term “historical” can generally be used to describe the things that existed in the past or the things that exist now. In the proposed model, historical separation of duty (HSD) can be specified. In addition, we have defined some other historical constraints such as historical prerequisite of duty (HPD), historical multiplicity of duty (HMD) and historical acyclic hierarchy (HAH). Formal definitions and some examples of the proposed model are presented in this paper.
Keywords: Role-based access control (RBAC), historical role-based access control (HRBAC), historical separation of duty (HSD), historical prerequisite of duty (HPD), historical multiplicity of duty (HMD), historical acyclic hierarchy (HAH).
Type-Safe Web Programming in QWeS²T
- 2010
Web applications (webapps) are very popular because they are easy to prototype and they can invoke other external webapps, supplied by third parties, as building blocks. Yet, writing correct webapps is complex because developers are required to reason about distributed computation and to write code using heterogeneous languages, often not originally designed with distributed computing in mind. Testing is the common way to catch bugs as current technologies provide limited support. There are doubts this can scale up to meet the expectations of more sophisticated web applications. In this paper, we propose an abstraction that provides simple primitives to manage the two main forms of distributed computation found on the web: remote procedure calls (code executed on a server on behalf of a client) and mobile code (server code executed on a client). We embody this abstraction in a type-safe language with localized static typechecking that we call QWeS²T and for which we have implemented a working prototype. We use it to express interaction patterns commonly found on the Web as well as more sophisticated forms that are beyond current
Safer in the Clouds (Extended Abstract)
We outline the design of a framework for modelling cloud computing systems. The approach is based on a declarative programming model which takes the form of a λ-calculus enriched with suitable mechanisms to express and enforce application-level security policies governing usages of resources available in the clouds. We will focus on the server side of cloud systems, by adopting a pro-active approach, where explicit security policies regulate the server’s behaviour.
Safer in the Clouds
- 2010
Abstract. We outline the design of a framework for specifying and reasoning about cloud computing systems. The methodology is based on a declarative programming model which takes the form of a λ-calculus enriched with suitable mechanisms to express and enforce application-level security policies governing usages of resources available in the clouds. We will focus on the server side of cloud systems, by adopting a pro-active approach, where explicit security policies regulate the server’s behaviour.
Modular Plans for Secure Service Composition
- in "Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security", Paphos, Cyprus, 2010. DOI: 10.1007/978-3-642-16074-5_4 (author manuscript)
Abstract. Service Oriented Computing (SOC) is a programming paradigm aiming at characterising Service Networks. Services are entities waiting for clients' requests and they often result from the composition of many services. We address here the problem of statically guaranteeing security of open services, i.e. services with unknown components. Security constraints are expressed by local policies that service components must obey. We present here a type and effect system that safely over-approximates, in the form of history expressions, the possible run-time behaviour of open services, collecting partial information on the behaviours of their components. From a history expression, we then extract a plan that drives executions that never raise security violations. Finally, we show how partial plans satisfying security requirements can be put together to obtain a safe orchestration plan.

