Automatic Generation of History-Based Access Control from Information Flow Specification

  • Yoshiaki Takata
  • Hiroyuki Seki
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6252)


This paper proposes a method for automatically inserting check statements for access control into a given recursive program according to a given security specification. A history-based access control (HBAC) is assumed as the access control model. A security specification is given in terms of information flow. We say that a program π satisfies a specification Γ if π is type-safe when we consider each security class in Γ as a type. We first define the problem as the one to insert check statements into a given program π to obtain a program π′ that is type-safe for a given specification Γ. This type system is sound in the sense that if a program π is type-safe for a specification Γ, then π has noninterference property for Γ. Next, the problem is shown to be co-NP-hard and we propose an algorithm for solving the problem. The paper also reports experimental results based on our implemented system and shows that the proposed method can work within reasonable time.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abadi, M., Fournet, C.: Access control based on execution history. In: Network & Distributed System Security Symp., pp. 107–121 (2003)Google Scholar
  2. 2.
    Banerjee, A., Naumann, D.A.: History-based access control and secure information flow. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 27–48. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Banerjee, A., Naumann, D.A.: Stack-based access control and secure information flow. Journal of Functional Programming 5(2), 131–177 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Bartoletti, M., Degano, P., Ferrari, G.L.: Static analysis for stack inspection. In: ConCoord. ENTCS, vol. 54 (2001)Google Scholar
  5. 5.
    Besson, F., Blanc, T., Fournet, C., Gordon, A.D.: From stack inspection to access control: A security analysis for libraries. In: 17th IEEE CSFW, pp. 61–75 (2004)Google Scholar
  6. 6.
    Denning, D.E.: A lattice model of secure information flow. ACM Commun. 19(5), 236–243 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Esparza, J., Hansel, D., Rossmanith, P., Schwoon, S.: Efficient algorithms for model-checking pushdown systems. In: Emerson, E.A., Sistla, A.P. (eds.) CAV 2000. LNCS, vol. 1855, pp. 232–247. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  8. 8.
    Esparza, J., Kučera, A., Schwoon, S.: Model-checking LTL with regular variations for pushdown systems. In: Kobayashi, N., Pierce, B.C. (eds.) TACS 2001. LNCS, vol. 2215, pp. 316–339. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Fong, P.W.: Access control by tracking shallow execution history. In: IEEE Symp. on Security & Privacy, pp. 43–55 (2004)Google Scholar
  10. 10.
    Heintze, N., Riecke, J.G.: The Slam calculus: Programming with secrecy and integrity. In: 25th ACM POPL, pp. 365–377 (1998)Google Scholar
  11. 11.
    Jensen, T., Le Métayer, D., Thorn, T.: Verification of control flow based security properties. In: IEEE Symp. on Security & Privacy, pp. 89–103 (1999)Google Scholar
  12. 12.
    Koved, L., Pistoia, M., Kershenbaum, A.: Access rights analysis for Java. In: 17th ACM OOPSLA, pp. 359–372 (2002)Google Scholar
  13. 13.
    Leroy, X., Rouaix, F.: Security properties of typed applets. In: 25th ACM POPL, pp. 391–403 (1998)Google Scholar
  14. 14.
    Myers, A.C., Liskov, B.: Complete, safe information flow with decentralized labels. In: IEEE Symp. on Security & Privacy, pp. 186–197 (1998)Google Scholar
  15. 15.
    Nitta, N., Takata, Y., Seki, H.: An efficient security verification method for programs with stack inspection. In: 8th ACM CCS, pp. 68–77 (2001)Google Scholar
  16. 16.
    Pistoia, M., Banerjee, A., Naumann, D.A.: Beyond stack insepction: A unified acess-control and information-flow security model. In: IEEE Symp. on Security & Privacy, pp. 149–163 (2007)Google Scholar
  17. 17.
    Pottier, F., Skalka, C., Smith, S.: A systematic approach to access control. In: Sands, D. (ed.) ESOP 2001. LNCS, vol. 2028, pp. 30–45. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  18. 18.
    Takata, Y., Seki, H.: Automatic generation of history-based access control from information flow specification. Tech. Rep. NAIST-IS-TR2010002, Nara Institute of Science and Technology (2010),
  19. 19.
    Takata, Y., Wang, J., Seki, H.: A formal model and its verification of history-based access control. IEICE Trans. on Information and Systems (Japanese Edition) J91-D(4), 847–858 (2008)Google Scholar
  20. 20.
    Volpano, D., Smith, G.: A type-based approach to program security. In: Bidoit, M., Dauchet, M. (eds.) CAAP 1997, FASE 1997, and TAPSOFT 1997. LNCS, vol. 1214, pp. 607–621. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  21. 21.
    Wang, J., Takata, Y., Seki, H.: HBAC: A model for history-based access control and its model checking. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 263–278. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Yoshiaki Takata
    • 1
  • Hiroyuki Seki
    • 2
  1. 1.Kochi University of TechnologyTosayamada, KochiJapan
  2. 2.Nara Institute of Science and TechnologyIkoma, NaraJapan

Personalised recommendations