Abstract
Distributed systems and applications are often expected to enforce high-level authorization policies. To this end, the code for these systems relies on lower-level security mechanisms such as digital signatures, local ACLs, and encrypted communications. In principle, authorization specifications can be separated from code and carefully audited. Logic programs, in particular, can express policies in a simple, abstract manner.
For a given authorization policy, we consider the problem of checking whether a cryptographic implementation complies with the policy. We formalize authorization policies by embedding logical predicates and queries within a spi calculus. This embedding is new, simple, and general; it allows us to treat logic programs as specifications of code using secure channels, cryptography, or a combination. Moreover, we propose a new dependent type system for verifying such implementations against their policies. Using Datalog as an authorization logic, we show how to type several examples using policies and present a general schema for compiling policies.
Keywords
- Operational Semantic
- Access Control Policy
- Authorization Language
- Authorization Policy
- Trust Management System
© 2005 Springer-Verlag Berlin Heidelberg
Cite this paper
Fournet, C., Gordon, A.D., Maffeis, S. (2005). A Type Discipline for Authorization Policies. In: Sagiv, M. (eds) Programming Languages and Systems. ESOP 2005. Lecture Notes in Computer Science, vol 3444. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31987-0_11
DOI: https://doi.org/10.1007/978-3-540-31987-0_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25435-5
Online ISBN: 978-3-540-31987-0