Affine Refinement Types for Authentication and Authorization

Abstract: Abstract. Refinement type systems have proved very effective for security policy verification in distributed authorization systems. In earlier work [12], we have proposed an extension of existing refinement typing techniques to exploit sub-structural logics and affine typing in the analysis of resource aware authorization, with policies predicating over access counts, usage bounds and resource consumption. In the present paper, we show that the invariants that we enforced by means of ad-hoc typing mechanisms i… Show more

“…While the problem of letting the payload of the key refer to the identifiers A and B can be solved quite easily, since the referred to identities are globally and publicly known, the problem of letting the payload of a key predicate over the key itself is more involved due to lexical scoping. We show how to devise an encoding to solve the problem of self-dependent key types, which is close in spirit to the session key treatment advocated in previous work [Bugliesi et al 2012]. …”

Affine Refinement Types for Secure Distributed Programming

“…While the problem of letting the payload of the key refer to the identifiers A and B can be solved quite easily, since the referred to identities are globally and publicly known, the problem of letting the payload of a key predicate over the key itself is more involved due to lexical scoping. We show how to devise an encoding to solve the problem of self-dependent key types, which is close in spirit to the session key treatment advocated in previous work [Bugliesi et al 2012]. …”

Affine Refinement Types for Secure Distributed Programming