Authors: Ghilezan, Silvia 
Jakšić, Svetlana
Pantović, Jovanka
Pérez, Jorge
Vieira, Hugo Torres
Title: A typed model for dynamic authorizations
Journal: Electronic Proceedings in Theoretical Computer Science, EPTCS
Volume: 203
First page: 73
Last page: 84
Conference: 8th International Workshop on Programming Language Approaches to Concurrency- and Communication-cEntric Software, PLACES 2015; London; United Kingdom; 18 April 2015
Issue Date: 10-Feb-2016
ISSN: 2075-2180
DOI: 10.4204/EPTCS.203.6
Abstract: 
Security requirements in distributed software systems are inherently dynamic. In the case of authorization policies, resources are meant to be accessed only by authorized parties, but the authorization to access a resource may be dynamically granted/yielded. We describe ongoing work on a model for specifying communication and dynamic authorization handling. We build upon the π-calculus so as to enrich communication-based systems with authorization specification and delegation; here authorizations regard channel usage and delegation refers to the act of yielding an authorization to another party. Our model includes: (i) a novel scoping construct for authorization, which allows to specify authorization boundaries, and (ii) communication primitives for authorizations, which allow to pass around authorizations to act on a given channel. An authorization error may consist in, e.g., performing an action along a name which is not under an appropriate authorization scope. We introduce a typing discipline that ensures that processes never reduce to authorization errors, even when authorizations are dynamically delegated.
Publisher: Open Publishing Association

Show full item record

SCOPUSTM   
Citations

2
checked on Nov 24, 2024

Page view(s)

25
checked on Nov 24, 2024

Google ScholarTM

Check

Altmetric

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.