
arXiv: 1602.03596
Security requirements in distributed software systems are inherently dynamic. In the case of authorization policies, resources are meant to be accessed only by authorized parties, but the authorization to access a resource may be dynamically granted/yielded. We describe ongoing work on a model for specifying communication and dynamic authorization handling. We build upon the pi-calculus so as to enrich communication-based systems with authorization specification and delegation; here authorizations regard channel usage and delegation refers to the act of yielding an authorization to another party. Our model includes: (i) a novel scoping construct for authorization, which allows to specify authorization boundaries, and (ii) communication primitives for authorizations, which allow to pass around authorizations to act on a given channel. An authorization error may consist in, e.g., performing an action along a name which is not under an appropriate authorization scope. We introduce a typing discipline that ensures that processes never reduce to authorization errors, even when authorizations are dynamically delegated.
In Proceedings PLACES 2015, arXiv:1602.03254
FOS: Computer and information sciences, Computer Science - Logic in Computer Science, Computer Science - Programming Languages, QA75 Electronic computers. Computer science, QA75.5-76.95, Logic in Computer Science (cs.LO), Electronic computers. Computer science, QA1-939, Mathematics, Programming Languages (cs.PL)
FOS: Computer and information sciences, Computer Science - Logic in Computer Science, Computer Science - Programming Languages, QA75 Electronic computers. Computer science, QA75.5-76.95, Logic in Computer Science (cs.LO), Electronic computers. Computer science, QA1-939, Mathematics, Programming Languages (cs.PL)
| selected citations These citations are derived from selected sources. This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically). | 1 | |
| popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network. | Average | |
| influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically). | Average | |
| impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network. | Average |
