Type Based Discretionary Access Control

13 years 11 months ago
Type Based Discretionary Access Control
Abstract. Discretionary Access Control (DAC) systems provide powerful mechanisms for resource management based on the selective distribution of capabilities to selected classes of principals. We study a type-based theory of DAC models for concurrent and distributed systems represented as terms of Cardelli, Ghelli and Gordon’s pi calculus with groups [2]. In our theory, groups play the rˆole of principals, and the structure of types allows fine-grained mechanisms to be specified to govern the transmission of names, to bound the (iterated) re-transmission of capabilities, to predicate their use on the inability to pass them to third parties, ... and more. The type system relies on subtyping to help achieve a selective distribution of capabilities, based on the groups in control of the communication channels. Type preservation provides the basis for a safety theorem stating that in well-typed processes all names flow according to the delivery policies specified by their types, and ...
Michele Bugliesi, Dario Colazzo, Silvia Crafa
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Authors Michele Bugliesi, Dario Colazzo, Silvia Crafa
Comments (0)