Code-Carrying Authorization

  • Sergio Maffeis
  • Martín Abadi
  • Cédric Fournet
  • Andrew D. Gordon
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5283)


In authorization, there is often a wish to shift the burden of proof to those making requests, since they may have more resources and more specific knowledge to construct the required proofs. We introduce an extreme instance of this approach, which we call Code-Carrying Authorization (CCA). With CCA, access-control decisions can partly be delegated to untrusted code obtained at run-time. The dynamic verification of this code ensures the safety of authorization decisions. We define and study this approach in the setting of a higher-order spi calculus. The type system of this calculus provides the needed support for static and dynamic verification.
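The mechanism the abstract sketches, as an added illustration that is not code from the paper and does not use its spi calculus: a server keeps its authorization policy as Horn clauses over ground atoms, a requester ships a derivation script ("code") naming which rule to apply with which substitution at each step, and the server merely replays and checks that script rather than searching for a proof itself. The rule names, facts, principals and file names below are constructed for this example and are not from the paper.

```python
# Added example (not the paper's calculus or code): a toy server that accepts
# an untrusted derivation script from the requester and checks every step
# against its own policy before it grants access.
from dataclasses import dataclass, field

# An atom is a tuple of strings, e.g. ("can_read", "bob", "report.pdf").
# Terms starting with '?' are variables; everything else is a constant.


@dataclass(frozen=True)
class Rule:
    name: str
    head: tuple      # atom the rule derives
    premises: tuple  # atoms that must already be established


@dataclass(frozen=True)
class Step:
    """One instruction of the requester's script: apply `rule` under `subst`."""
    rule: str
    subst: dict = field(default_factory=dict)


class VerificationError(Exception):
    pass


def instantiate(atom, subst):
    """Replace every variable in `atom` using `subst`; an unbound variable is an error."""
    out = []
    for term in atom:
        if term.startswith("?"):
            if term not in subst:
                raise VerificationError(f"unbound variable {term} in {atom}")
            out.append(subst[term])
        else:
            out.append(term)
    return tuple(out)


def verify(policy, facts, steps, goal):
    """Replay the requester's script; accept only rule instances whose premises
    are already established. Returns the established atoms, or raises on the
    first bad step or if the goal was never derived."""
    rules = {r.name: r for r in policy}
    known = set(facts)  # copy: a rejected script must not pollute server state
    for i, step in enumerate(steps):
        rule = rules.get(step.rule)
        if rule is None:
            raise VerificationError(f"step {i}: unknown rule {step.rule!r}")
        for premise in rule.premises:
            inst = instantiate(premise, step.subst)
            if inst not in known:
                raise VerificationError(f"step {i}: premise {inst} not established")
        known.add(instantiate(rule.head, step.subst))
    if goal not in known:
        raise VerificationError(f"script does not derive the requested {goal}")
    return known


def authorize(policy, facts, steps, goal):
    """Access-control decision: True only if the script verifies and derives `goal`."""
    try:
        verify(policy, facts, steps, goal)
        return True
    except VerificationError:
        return False


# Constructed policy (hypothetical rule names, not from the paper).
POLICY = (
    Rule("owner_read", ("can_read", "?o", "?f"), (("owns", "?o", "?f"),)),
    Rule("grant", ("can_read", "?u", "?f"),
         (("owns", "?o", "?f"), ("grants", "?o", "?u", "?f"))),
    Rule("chain", ("can_read", "?u", "?f"),
         (("can_read", "?d", "?f"), ("delegates", "?d", "?u", "?f"))),
)

# Constructed facts the server trusts.
FACTS = {
    ("owns", "alice", "report.pdf"),
    ("grants", "alice", "bob", "report.pdf"),
    ("delegates", "bob", "dave", "report.pdf"),
}

GOAL_BOB = ("can_read", "bob", "report.pdf")
GOAL_DAVE = ("can_read", "dave", "report.pdf")

SCRIPT_BOB = [Step("grant", {"?o": "alice", "?u": "bob", "?f": "report.pdf"})]
SCRIPT_DAVE = SCRIPT_BOB + [Step("chain", {"?d": "bob", "?u": "dave", "?f": "report.pdf"})]
# Well-formed, but cites a grant the server has no fact for.
SCRIPT_MALLORY = [Step("grant", {"?o": "alice", "?u": "mallory", "?f": "report.pdf"})]
# Skips the step that would establish can_read(bob, ...), so "chain" fails.
SCRIPT_DAVE_SHORT = SCRIPT_DAVE[1:]
# Invokes a rule the policy does not define.
SCRIPT_BOGUS_RULE = [Step("admin_override", {"?u": "mallory", "?f": "report.pdf"})]


def demo():
    return {
        "bob": authorize(POLICY, FACTS, SCRIPT_BOB, GOAL_BOB),
        "dave": authorize(POLICY, FACTS, SCRIPT_DAVE, GOAL_DAVE),
        "dave_short": authorize(POLICY, FACTS, SCRIPT_DAVE_SHORT, GOAL_DAVE),
        "mallory": authorize(POLICY, FACTS, SCRIPT_MALLORY, ("can_read", "mallory", "report.pdf")),
        "bogus_rule": authorize(POLICY, FACTS, SCRIPT_BOGUS_RULE, ("can_read", "mallory", "report.pdf")),
        "wrong_goal": authorize(POLICY, FACTS, SCRIPT_BOB, GOAL_DAVE),
    }


if __name__ == "__main__":
    for who, ok in demo().items():
        print(f"{who}: {'granted' if ok else 'denied'}")
```

The point to take from the example is where the trust sits: the script is untrusted and may be arbitrary, yet the server's reference monitor stays small (replay plus membership checks against its own facts and rules), so a bad script can only fail, never grant. The paper's version of this idea replaces the script checker with dynamic typechecking of mobile code in a higher-order spi calculus; the toy above keeps only the burden-of-proof shift and the verify-before-trust shape.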


Keywords (machine-generated, not supplied by the authors): Typing rule; Dynamic typing; Authorization policy; Server code; Mobile code



Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Sergio Maffeis: Imperial College London, UK; University of California, Santa Cruz, USA
  • Martín Abadi: Microsoft Research, UK; University of California, Santa Cruz, USA
  • Cédric Fournet: Microsoft Research, UK
  • Andrew D. Gordon: Microsoft Research, UK
