Extensible access control with authorization contracts

Moore, Scott M.; Dimoulas, Christos; Findler, Robert Bruce; Flatt, Matthew; Chong, Stephen

doi:10.1145/2983990.2984021

Cited by 10 publications

(6 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…After Findler & Felleisen (2002) brought software contracts into functional programming, a cottage industry of software contract verification techniques sprung up (Hinze et al, 2006;Findler et al, 2008;Degen et al, 2009;Dimoulas et al, 2009;Chitil, 2012;Dimoulas et al, 2013;Moore et al, 2016). Swords et al (2015) provides a framework for expressing their interactions, and we extend and revise that work.…”

Section: Additional Software Contract Verification Techniquesmentioning

confidence: 99%

“…Security Enforcement Contracts. Moore et al (2016) introduce contracts to model authorization and access control (Moore et al, 2016), which provide a domainspecific language for writing security-centric contracts. It is conceivable to recreate such behavior as a strategy with customized contract inputs, wherein the strategy inspects the structure of its contract and acts accordingly.…”

Section: Additional Software Contract Verification Techniquesmentioning

confidence: 99%

“…Researchers have proposed myriad contract enforcement strategies in response to these rising complexities, including lazy monitors (Degen et al, 2009;Chitil, 2012), concurrent monitoring systems (Dimoulas et al, 2009), optional enforcement (Dimoulas et al, 2013), and probabilistic contract verification (Moore et al, 2016;Hickey, 2018).…”

Section: Introductionmentioning

confidence: 99%

“…While modern contract software verification literature introduces a slew of such specifications (Ergün et al, 1998;Findler & Felleisen, 2002;Chitil et al, 2003;Hinze An extended account of contract monitoring strategies 3 et al., 2006;Degen et al, 2009;Disney et al, 2011;Chitil, 2012;Dimoulas et al, 2013;Keil & Thiemann, 2015;Moore et al, 2016;Hickey, 2018), each variation makes distinct decisions about the various trade-offs for verification, including…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

An extended account of contract monitoring strategies as patterns of communication

Swords¹,

Sabry²,

Tobin-Hochstadt³

2018

J. Funct. Prog.

View full text Add to dashboard Cite

Contract systems have come to play a vital role in many aspects of software engineering. This has resulted in a wide variety of approaches to enforcing contracts—ranging from the straightforward pre-condition and post-condition checking of Eiffel to lazy, optional, and parallel enforcement strategies. Each of these approaches has its merits, but each has required ground-up development of an entire contract monitoring system. We present a unified approach to understanding this variety, while also opening the door to as-yet-undiscovered strategies. By observing that contracts are fundamentally about communication between a program and a monitor, we reframe contract checking as communication between concurrent processes. This brings out the underlying relations between widely studied enforcement strategies, including strict and lazy enforcement as well as concurrent approaches, including new contracts and strategies. We show how each of these can be embedded into a core calculus, and demonstrate a proof (via simulation) of correctness for one such encoding. Finally, we show that our approach suggests new monitoring approaches and contracts not previously expressible.

show abstract

Section: Additional Software Contract Verification Techniquesmentioning

confidence: 99%

Section: Additional Software Contract Verification Techniquesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An extended account of contract monitoring strategies as patterns of communication

Swords¹,

Sabry²,

Tobin-Hochstadt³

2018

J. Funct. Prog.

View full text Add to dashboard Cite

show abstract

“…But a process can run on behalf of a different user if it runs an executable that has the setuid bit set. When a process invokes a setuid executable, the operating system launches a new process This technical report expands [30] with additional examples and code listings, along with a formal definition and proof of complete monitoring for the contract system described in Section 3. 1. to run the executable and associates the new process with the user that owns the executable, rather than the user that invoked it.…”

Section: Introductionmentioning

confidence: 99%

Extensible access control with authorization contracts

et al. 2016

Self Cite

View full text Add to dashboard Cite

Existing programming language access control frameworks do not meet the needs of all software components. We propose an expressive framework for implementing access control monitors for components. The basis of the framework is a novel concept: the authority environment. An authority environment associates rights with an execution context. The building blocks of access control monitors in our framework are authorization contracts: software contracts that manage authority environments. We demonstrate the expressiveness of our framework by implementing a diverse set of existing access control mechanisms and writing custom access control monitors for three realistic case studies.

show abstract

Trace contracts

MOY,

FELLEISEN

2023

J. Funct. Prog.

View full text Add to dashboard Cite

Behavioral software contracts allow programmers to strengthen the obligations and promises that they express with conventional types. They lack expressive power, though, when it comes to invariants that hold across several function calls. Trace contracts narrow this expressiveness gap. A trace contract is a predicate over the sequence of values that flow through function calls and returns. This paper presents a principled design, an implementation, and an evaluation of trace contracts.

show abstract

Extensible access control with authorization contracts

Cited by 10 publications

References 33 publications

An extended account of contract monitoring strategies as patterns of communication

An extended account of contract monitoring strategies as patterns of communication

Extensible access control with authorization contracts

Trace contracts

Contact Info

Product

Resources

About