Sciweavers

CSFW
1999
IEEE

Secure Composition of Insecure Components

Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well-behaved. Instead, they must be executed in a secure environment, or wrapper, that provides fine-grain control of the allowable interactions between them, and between components and other system resources. In this paper we study such wrappers, focusing on how they can be expressed in a way that enables their security properties to be stated and proved rigorously. We introduce a model programming language, the box-π calculus, that supports composition of software components and the enforceme...
Peter Sewell, Jan Vitek
Added 02 Aug 2010
Updated 02 Aug 2010
Type: Conference
Year: 1999
Where: CSFW
Authors: Peter Sewell, Jan Vitek