Secured Information Flow for Asynchronous Sequential Processes

Attali, Isabelle; Caromel, Denis; Henrio, Ludovic; Aguila, Felipe Luna del

doi:10.1016/j.entcs.2005.05.045

Cited by 7 publications

(11 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their security approach mainly focuses on other aspects of concurrency such as interleaving processes within an object's thread that might compromise the confidentiality of data. In [2], a dynamic approach is proposed to enforce data confidentiality in the ASP language [14], which is an active object language that uses the future mechanism. In [2], security levels of activities, variables, and futures are fixed and are assigned by the programmer prior to the program execution, but the compliance is checked at runtime when fetching a future value.…”

Section: Research Goal and Methodologymentioning

confidence: 99%

“…In [2], a dynamic approach is proposed to enforce data confidentiality in the ASP language [14], which is an active object language that uses the future mechanism. In [2], security levels of activities, variables, and futures are fixed and are assigned by the programmer prior to the program execution, but the compliance is checked at runtime when fetching a future value. In this thesis, we are looking for a permissive approach where security levels of variables and futures are evaluated during runtime instead of being assigned and over approximated at compile time.…”

Section: Research Goal and Methodologymentioning

confidence: 99%

See 1 more Smart Citation

Information-Flow Control by Means of Security Wrappers for Active Object Languages with Futures

2021

View full text Add to dashboard Cite

In this thesis, we experiment with customizing programming languages to enforce privacy and security policies. We enforce privacy and security requirements at the level of a programming language when a program executes. We design a language and enrich it with the essential features to enforce the requirements. Moreover, we model our language with formal methods and prove that programs written in our language do not violate the desired policies. We design the language's syntax and semantics and formalize the operational semantics with mathematical logic, which enables us to reason about the language's properties.The structure of this thesis is described in the following. First, we introduce privacy and security policies that we want to enforce. We choose the GDPR (General Data Protection Regulation), which has strict requirements to protect the individual's privacy when processing personal data. For security, we give an overview of existing language-based techniques to preserve confidentiality and limit access to sensitive data. Second, we state the research questions that we want to handle in this thesis. Third, we introduce the tools and logic that we use for our research methods and modeling our languages. Finally, we present the research papers and relate the research questions to our contributions.The main contributions of this thesis are presented in three research papers. In the first paper, we introduce a programming language with provable guarantees that protects privacy and enforces the GDPR's requirements. The second paper gives an overview of a category of programming languages, called active object languages, that are used to develop distributed systems. In the third paper, we introduce a security mechanism to enforce security in active object languages. We discuss and prove that our language-based approaches are exact when it comes to enforcing policies and restrictions. Moreover, our approaches can be generalized to other languages.

show abstract

Section: Research Goal and Methodologymentioning

confidence: 99%

Section: Research Goal and Methodologymentioning

confidence: 99%

Information-Flow Control by Means of Security Wrappers for Active Object Languages with Futures

2021

View full text Add to dashboard Cite

show abstract

“…To reduce the run-time overhead, we combine it with a sound static analysis, as the one in [17]. In a paper by Attali et al [2], a dynamic information-flow control approach is performed for the ASP language. Security levels are assigned to activities and communicated data (an activity includes an active object and several passive objects controlled by one thread).…”

Section: Related Workmentioning

confidence: 99%

“…Since future references are not confidential, they are passed between activities without dynamic checking, but getting a future value is checked by a reply transmission rule. In [2], the security model guarantees data confidentiality for multi-level security (MLS) systems, which means that an entity is allowed to access only the information that it is allowed to access. Our approach adds flow-sensitivity, which allows security levels of variables to change inside an object.…”

Section: Related Workmentioning

confidence: 99%

Security Wrappers for Information-Flow Control in Active Object Languages with Futures

Karami,

Owe,

Schneider

2020

Preprint

View full text Add to dashboard Cite

This paper introduces a run-time mechanism for preventing leakage of secure information in distributed systems. We consider a general concurrency language model, where concurrent objects interact by asynchronous method calls and futures. The aim is to prevent leakage of confidential information to low-level viewers. The approach is based on the notion of a security wrapper, which encloses an object or a component and controls its interactions with the environment. A wrapper is a mechanism added by the run-time system to provide protection of an insecure component according to some security policies. The security policies of a wrapper are formalized based on a notion of security levels. At run-time, future components will be wrapped upon need, while only objects of unsafe classes will be wrapped, using static checking to limit the number of unsafe classes and thereby reducing run-time overhead. We define an operational semantics and prove that non-interference is satisfied. A service provider may use wrappers to protect its services in an insecure environment, and vice-versa: a system platform may use wrappers to protect itself from insecure service providers.

show abstract

“…[30], is based on message passing models different to our high level language model. The paper [6] addresses only direct information flows in active objects. The priority program Reliably Secure Software Systems (RS3) of the German Research Foundation (DFG) [34] addresses in its part project MoVeSPAcI [42] security of actor systems using an event based approach without futures.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

Confinement for Active Objects

Kammueller¹

2015

ijacsa

View full text Add to dashboard Cite

Abstract-In this paper, we provide a formal framework for the security of distributed active objects. Active objects communicate asynchronously implementing method calls via futures. We base the formal framework on a security model that uses a semi-lattice to enable multi-lateral security crucial for distributed architectures. We further provide a security type system for the programming model ASPfun of functional active objects. Type safety and a confinement property are presented. ASPfun thus realizes secure down calls.

show abstract

Secured Information Flow for Asynchronous Sequential Processes

Cited by 7 publications

References 21 publications

Information-Flow Control by Means of Security Wrappers for Active Object Languages with Futures

Information-Flow Control by Means of Security Wrappers for Active Object Languages with Futures

Security Wrappers for Information-Flow Control in Active Object Languages with Futures

Confinement for Active Objects

Contact Info

Product

Resources

About