|Title:||Types for role-based access control of dynamic web data||Journal:||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)||Volume:||6559 LNCS||First page:||1||Last page:||29||Conference:||19th International Workshop on Functional and Constraint Logic Programming, WFLP 2010; Madrid; Spain; 17 January 2010 through 17 January 2010||Issue Date:||1-Jun-2011||Rank:||M33||ISBN:||978-3-642-20774-7||ISSN:||0302-9743||DOI:||10.1007/978-3-642-20775-4_1||Abstract:||
We introduce a role-based access control calculus for modelling dynamic web data and a corresponding type system. It is an extension of the Xdπ calculus proposed by Gardner and Maffeis. In our framework, a network is a parallel composition of locations, where each location contains processes with roles and a data tree whose edges are associated with roles. Processes can communicate, migrate from a location to another, use the data, change the data and the roles in the local tree. In this way, we obtain a model that controls process access to data. We propose a type system which ensures that a specified network policy is respected during computations. Finally, we show that our calculus obeys the following security properties: (1) all data trees and processes with roles in a location agree with the location policy; (2) a process can migrate only to a location with whose policy it agrees; (3) a process with roles can read and modify only data which are accessible to it; (4) a process with roles can enable and disable roles in agreement with the location policy.
Show full item record
checked on Nov 26, 2022
checked on Nov 27, 2022
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.