Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Trustworthy Global Computing

TGC 2005: Trustworthy Global Computing pp 98–115Cite as

History-Based Access Control for Distributed Processes

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3705))

Abstract

This paper presents a type system to control the migration of code between network nodes in a concurrent distributed framework, using the Dπ language. We express resource access policies as types and enforce policies via a type system. Types describe paths travelled by migrating code, enabling the control of history sensitive access to resources. Sites are logically organised in subnetworks that share the same security policies, statically specified by a network administrator. The type system guarantees that well-typed networks are exempt from security policy violations at runtime.

An erratum to this chapter can be found at http://dx.doi.org/10.1007/11580850_20 .

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abadi, M., Fournet, C.: Access control based on execution history. In: Proceedings of NDSSS 2003, pp. 107–121 (2003)

    Google Scholar 

  2. Boudol, G.: Asynchrony and the π-calculus. In: Rapport de Recherche, INRIA Sophia-Antipolis, vol. 1702 (1992)

    Google Scholar 

  3. Boudol, G., Castellani, I., Germain, F., Lacoste, M.: Models of distribution and mobility: State of the art. Mikado Deliverable D1.1.1 (2002)

    Google Scholar 

  4. Bugliesi, M., Colazzo, D., Crafa, S.: Type based discretionary access control. In: Gardner, P., Yoshida, N. (eds.) CONCUR 2004. LNCS, vol. 3170, pp. 225–239. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  5. Cardelli, L., Ghelli, G., Gordon, A.: Mobility types for mobile ambients. In: Wiedermann, J., Van Emde Boas, P., Nielsen, M. (eds.) ICALP 1999. LNCS, vol. 1644, p. 230. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  6. Cardelli, L., Ghelli, G., Gordon, A.: Ambient groups and mobility types. In: Watanabe, O., Hagiya, M., Ito, T., van Leeuwen, J., Mosses, P.D. (eds.) TCS 2000. LNCS, vol. 1872, p. 333. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  7. Cardelli, L., Gordon, A.: Mobile ambients. Theoretical Computer Science 240(1), 177–213 (2000)

    Article  MATH  MathSciNet  Google Scholar 

  8. Chothia, T., Stark, I.: A distributed pi-calculus with local areas of communication. ENTCS vol. 41

    Google Scholar 

  9. De Nicola, R., Ferrari, G., Pugliese, R.: Klaim: a Kernel Language for Agents Interaction and mobility. IEEE Trans. in Software Engineering 24(5), 315–330 (1998)

    Article  Google Scholar 

  10. De Nicola, R., Ferrari, G., Pugliese, R., Veneri, B.: Types for access control. Theoretical Computer Science 240(1), 215–254 (2000)

    Article  MATH  MathSciNet  Google Scholar 

  11. Edjlali, G., Anurag, A., Vipin, C.: History-based access-control for mobile code. In: Proceedings of CCS 1988 (1998)

    Google Scholar 

  12. Gorla, D., Pugliese, R.: Resource access and mobility control with dynamic privileges acquisition. In: Baeten, J.C.M., Lenstra, J.K., Parrow, J., Woeginger, G.J. (eds.) ICALP 2003. LNCS, vol. 2719, pp. 119–132. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  13. Gorla, D., Pugliese, R.: Controlling data movement in global computing applications. In: Proceedings of SAC 2004. ACM Press, New York (2004)

    Google Scholar 

  14. Hennessy, M., Merro, M., Rathke, J.: Towards a behavioural theory of access and mobility control in distributed systems. Theoretical Computer Science (2003)

    Google Scholar 

  15. Hennessy, M., Riely, J.: Resource access control in systems of mobile agents. Journal of Information and Computation 173, 82–120 (2002)

    Article  MATH  MathSciNet  Google Scholar 

  16. Honda, K., Tokoro, M.: An object calculus for asynchronous communication. In: America, P. (ed.) ECOOP 1991. LNCS, vol. 512, pp. 133–147. Springer, Heidelberg (1991)

    Chapter  Google Scholar 

  17. Lhoussaine, C., Sassone, V.: A dependently typed ambient calculus. In: Degano, P. (ed.) ESOP 2003. LNCS, vol. 2618, Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  18. Martins, F., Ravara, A.: Typing migration control in lsdπ. In: Sabelfield, A. (ed.) Proceedings of FCS 2004. TUCS (2004)

    Google Scholar 

  19. Martins, F., Vasconcelos, V.: Controlling security policies in a distributed environment. DI/FCUL TR 04–01 (2004)

    Google Scholar 

  20. Myers, A., Liskov, B.: Protecting privacy using the decentralized label model. ACM Transactions on Software Engineering and Methodology 9(4), 410–442 (2000)

    Article  Google Scholar 

  21. Pierce, B., Sangiorgi, D.: Typing and subtyping for mobile processes. Mathematical Structures in Computer Science 6(5), 409–454 (1996)

    MATH  MathSciNet  Google Scholar 

  22. Ravara, A., Matos, A., Vasconcelos, V., Lopes, L.: Lexically scoping distribution: what you see is what you get. In: FGC: Foundations of Global Computing. ENTCS, vol. 85(1)

    Google Scholar 

  23. Zwicky, E., Cooper, S., Chapman, D.: Building Internet Firewalls, 2nd edn. O’Reilly & Associates (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics, University of Azores, Portugal

    Francisco Martins

  2. Department of Informatics, Faculty of Sciences, University of Lisbon, Portugal

    Vasco Vasconcelos

Authors
  1. Francisco Martins
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vasco Vasconcelos
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dipartimento di Sistemi e Informatica, Università di Firenze, Italy

    Rocco De Nicola

  2. Università di Bologna, Italy

    Davide Sangiorgi

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Martins, F., Vasconcelos, V. (2005). History-Based Access Control for Distributed Processes. In: De Nicola, R., Sangiorgi, D. (eds) Trustworthy Global Computing. TGC 2005. Lecture Notes in Computer Science, vol 3705. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11580850_7

Download citation

  • DOI: https://doi.org/10.1007/11580850_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30007-6

  • Online ISBN: 978-3-540-31483-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation