Type-Based Distributed Access Control vs. Untyped Attackers

13 years 12 months ago
Type-Based Distributed Access Control vs. Untyped Attackers
This paper considers the effect of untyped attackers inside a distributed system where security is enforced by the type system. In previous work we introduced the Key-Based Decentralised Label Model for distributed access control. It combines a weak form of information flow control with cryptographic type casts to allow data to be sent over insecure channels. We present our model of untyped attackers in a simplified version of this calculus, which we call mini-KDLM. We use three sets of type rules. The first set is for honest principals. The second set is for attackers; these rules require that only communication channels can be used to communicate and express our correctness conditions. The third set of type rules are used to type processes that have become corrupted by the attackers. We show that the untyped attackers can leak their own data and disrupt the communication of any principals that place direct trust in an attacker, but no matter what the attackers try, they cannot obt...
Tom Chothia, Dominic Duggan
Added 27 Jun 2010
Updated 27 Jun 2010
Type Conference
Year 2005
Where IFIP
Authors Tom Chothia, Dominic Duggan
Comments (0)