Dynamic Access Control in a Concurrent Object Calculus

  • Avik Chaudhuri
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4137)


We develop a variant of Gordon and Hankin’s concurrent object calculus with support for flexible access control on methods. We investigate safe administration and access of shared resources in the resulting language. Specifically, we show a static type system that guarantees safe manipulation of objects with respect to dynamic specifications, where such specifications are enforced via access changes on the underlying methods at runtime. By labeling types with secrecy groups, we show that well-typed systems preserve their secrets amidst dynamic access control and untrusted environments.


Access Control Type System Access Control Mechanism Evaluation Context Method Body 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abadi, M., Blanchet, B.: Secrecy types for asymmetric communication. Theoretical Computer Science 298(3), 387–415 (2003)CrossRefMathSciNetMATHGoogle Scholar
  2. 2.
    Abadi, M., Cardelli, L.: An imperative object calculus. In: Mosses, P.D., Schwartzbach, M.I., Nielsen, M. (eds.) CAAP 1995, FASE 1995, and TAPSOFT 1995. LNCS, vol. 915, pp. 471–485. Springer, Heidelberg (1995)Google Scholar
  3. 3.
    Banerjee, A., Naumann, D.: Using access control for secure information flow in a Java-like language. In: CSFW 2003: Computer Security Foundations Workshop, pp. 155–169. IEEE, Los Alamitos (2003)CrossRefGoogle Scholar
  4. 4.
    Blasio, P.D., Fisher, K.: A calculus for concurrent objects. In: Sassone, V., Montanari, U. (eds.) CONCUR 1996. LNCS, vol. 1119, pp. 655–670. Springer, Heidelberg (1996)Google Scholar
  5. 5.
    Di Blasio, P., Fisher, K., Talcott, C.: A control-flow analysis for a calculus of concurrent objects. IEEE Transactions on Software Engineering 26(7), 617–634 (2000)CrossRefGoogle Scholar
  6. 6.
    Braghin, C., Gorla, D., Sassone, V.: A distributed calculus for role-based access control. In: CSFW 2004: Computer Security Foundations Workshop, pp. 48–60. IEEE, Los Alamitos (2004)Google Scholar
  7. 7.
    Bugliesi, M., Castagna, G., Crafa, S.: Access control for mobile agents: The calculus of boxed ambients. ACM Transactions on Programming Languages and Systems 26(1), 57–124 (2004)CrossRefGoogle Scholar
  8. 8.
    Bugliesi, M., Colazzo, D., Crafa, S.: Type based discretionary access control. In: Gardner, P., Yoshida, N. (eds.) CONCUR 2004. LNCS, vol. 3170, pp. 225–239. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Cardelli, L., Ghelli, G., Gordon, A.D.: Secrecy and group creation. Information and Computation 196(2), 127–155 (2005)CrossRefMathSciNetMATHGoogle Scholar
  10. 10.
    Chaudhuri, A., Abadi, M.: Secrecy by typing and file-access control. In: CSFW 2006: Computer Security Foundations Workshop. IEEE, Los Alamitos (to appear, 2006)Google Scholar
  11. 11.
    Coquand, T.: Pattern matching with dependent types. In: Workshop on Types for Proofs and Programs, Electronic proceedings (1992)Google Scholar
  12. 12.
    Flanagan, C.: Hybrid type checking. In: POPL 2006: Principles of programming languages, pp. 245–256. ACM, New York (2006)Google Scholar
  13. 13.
    Flanagan, C., Abadi, M.: Object Types against Races. In: Baeten, J.C.M., Mauw, S. (eds.) CONCUR 1999. LNCS, vol. 1664, pp. 288–303. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  14. 14.
    Gordon, A.D., Hankin, P.D.: A concurrent object calculus: Reduction and typing. In: HLCL 1998: High-Level Concurrent Languages, pp. 248–264. Elsevier, Amsterdam (1998)Google Scholar
  15. 15.
    Gordon, A.D., Jeffrey, A.: Secrecy Despite Compromise: Types, Cryptography, and the Pi-Calculus. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, pp. 186–201. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Gorla, D., Pugliese, R.: Resource access and mobility control with dynamic privileges acquisition. In: Baeten, J.C.M., Lenstra, J.K., Parrow, J., Woeginger, G.J. (eds.) ICALP 2003. LNCS, vol. 2719, pp. 119–132. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Haack, C., Jeffrey, A.: Timed spi-calculus with types for secrecy and authenticity. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, pp. 202–216. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Hamlen, K.W., Morrisett, G., Schneider, F.B.: Certified in-lined reference monitoring on .NET. In: PLAS 2006: Programming Languages and Analysis for Security. ACM, New York (to appear, 2006)Google Scholar
  19. 19.
    Hawblitzel, C., von Eicken, T.: Type system support for dynamic revocation. In: Workshop on Compiler Support for System Software, Electronic proceedings (1999)Google Scholar
  20. 20.
    Hennessy, M., Merro, M., Rathke, J.: Towards a Behavioural Theory of Access and Mobility Control in Distributed Systems. In: Gordon, A.D. (ed.) FOSSACS 2003. LNCS, vol. 2620, pp. 282–298. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  21. 21.
    Hennessy, M., Riely, J.: Resource access control in systems of mobile agents. In: HLCL 1998: High-Level Concurrent Languages, pp. 174–188. Elsevier, Amsterdam (1998)Google Scholar
  22. 22.
    Hennessy, M., Riely, J.: Information flow vs. resource access in the asynchronous pi-calculus. ACM Transactions on Programming Languages and Systems 24(5), 566–591 (2002)CrossRefGoogle Scholar
  23. 23.
    Kirli, Z.D.: Confined mobile functions. In: CSFW 2001: Computer Security Foundations Workshop, pp. 283–294. IEEE, Los Alamitos (2001)Google Scholar
  24. 24.
    Kleist, J., Sangiorgi, D.: Imperative objects as mobile processes. Science of Computer Programming 44(3), 293–342 (2002)CrossRefMathSciNetMATHGoogle Scholar
  25. 25.
    Miklau, G., Suciu, D.: Controlling access to published data using cryptography. In: VLDB 2003, pp. 898–909. Springer, Heidelberg (2003)Google Scholar
  26. 26.
    Milner, R., Tofte, M., Harper, R., MacQueen, D.: The Definition of Standard ML (Revised). MIT Press, Cambridge (1997)Google Scholar
  27. 27.
    Myers, A., Sabelfeld, A., Zdancewic, S.: Enforcing robust declassification. In: CSFW 2004: Computer Security Foundations Workshop, pp. 172–186. IEEE, Los Alamitos (2004)Google Scholar
  28. 28.
    Nicola, R.D., Ferrari, G., Pugliese, R., Venneri, B.: Types for access control. Theoretical Computer Science 240(1), 215–254 (2000)CrossRefMathSciNetMATHGoogle Scholar
  29. 29.
    Pottier, F., Skalka, C., Smith, S.: A systematic approach to static access control. ACM Transactions on Programming Languages and Systems 27(2), 344–382 (2005)CrossRefGoogle Scholar
  30. 30.
    Redell, D.D.: Naming and protection in extendible operating systems. Technical Report 140, Project MAC, MIT (1974)Google Scholar
  31. 31.
    Schneider, F.B.: Enforceable security policies. ACM Transactions on Information and System Security 3(1), 30–50 (2000)CrossRefGoogle Scholar
  32. 32.
    Vasconcelos, V.T.: Typed Concurrent Objects. In: Tokoro, M., Pareschi, R. (eds.) ECOOP 1994. LNCS, vol. 821, pp. 100–117. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  33. 33.
    Zheng, L., Myers, A.: Dynamic security labels and noninterference. In: FAST 2004: Formal Aspects in Security and Trust, pp. 27–40. Springer, Heidelberg (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Avik Chaudhuri
    • 1
  1. 1.Computer Science DepartmentUniversity of CaliforniaSanta Cruz

Personalised recommendations