Abstract
We propose a novel security type system for the π-calculus in which a fine-grained access control mechanism is guaranteed by static type checking, and secure information flow can be characterized by a new form of non-interference property based on typed behavioral equivalence. In this paper, we present the syntax, subtyping rules, and typing rules of the type system, and explain how secure data access can be controlled by typing. We then elaborate a framework of typed level bisimulation to construct the secure information flow property named non-interference at level. Moreover, some results are presented to indicate that our theory is an efficient enforceable model to support the specification and analysis of secure mobile systems.
Work partially supported by National Natural Science Foundation of China (#90104005, #60173032, #60273049).
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, L., Chen, K. (2003). A Typed Theory for Access Control and Information Flow Control in Mobile Systems. In: Safavi-Naini, R., Seberry, J. (eds) Information Security and Privacy. ACISP 2003. Lecture Notes in Computer Science, vol 2727. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45067-X_14
DOI: https://doi.org/10.1007/3-540-45067-X_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40515-3
Online ISBN: 978-3-540-45067-2
eBook Packages: Springer Book Archive