Security types for dynamic web data

Authors:
Mariangiola Dezani-Ciancaglini;Silvia Ghilezan;Jovanka Pantovi;Daniele Varacca
Affiliations:
Dipartimento di Informatica, Università di Torino, Italy;Faculty of Engineering, University of Novi Sad, Serbia;Faculty of Engineering, University of Novi Sad, Serbia;PPS, University of Paris 7 & CNRS, France
Venue:
Theoretical Computer Science
Year:
2008

Citing 18
Cited 2

A calculus of mobile processes, II

Information and Computation
Data on the Web: from relations to semistructured data and XML

Data on the Web: from relations to semistructured data and XML
Behavioral equivalence in the polymorphic pi-calculus

Journal of the ACM (JACM)
Types for access control

Theoretical Computer Science
Resource access control in systems of mobile agents

Information and Computation
PI-Calculus: A Theory of Mobile Processes

PI-Calculus: A Theory of Mobile Processes
Information flow vs. resource access in the asynchronous pi-calculus

ACM Transactions on Programming Languages and Systems (TOPLAS)
Types for the ambient calculus

Information and Computation - IFIP TCS2000
Lattice-Based Access Control Models

Computer
Ubql: a distributed query language to program distributed query systems

Ubql: a distributed query language to program distributed query systems
Typed behavioural equivalences for processes in the presence of subtyping

Mathematical Structures in Computer Science
Formalising Java RMI with explicit code mobility

OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
The Seal Calculus

Information and Computation
Modelling dynamic web data

Theoretical Computer Science - Applied semantics: Selected topics
The KOA remote voting system: a summary of work to date

TGC'06 Proceedings of the 2nd international conference on Trustworthy global computing
Security types for dynamic web data

TGC'06 Proceedings of the 2nd international conference on Trustworthy global computing
A mobility calculus with local and dependent types

Processes, Terms and Cycles
Language-based information-flow security

IEEE Journal on Selected Areas in Communications

Calculi, types and applications

Theoretical Computer Science
Types for role-based access control of dynamic web data

WFLP'10 Proceedings of the 19th international conference on Functional and constraint logic programming

Quantified Score

Hi-index	5.23

Visualization

Abstract

We describe a type system for the Xd@p calculus of Gardner and Maffeis. An Xd@p-network is a network of locations, where each location consists of both a data tree (which contains scripts and pointers to nodes in trees at different locations) and a process, for modeling process interaction, process migration and interaction between processes and data. Our type system is based on types for locations, data and processes, expressing security levels. A tree can store data of different security level, independently from the security level of the enclosing location. The access and mobility rights of a process depend on the security level of the ''source'' location of the process itself, i.e. of the location where the process was in the initial network or where the process was created by the activation of a script. The type system enjoys type preservation under reduction (subject reduction). In consequence of subject reduction we prove the following security properties. In a well-typed Xd@p-network, a process P whose source location is of level h can copy data of security level at most h and update data of security level less than h. Moreover, the process P can only communicate data and go to locations of security level equal or less than h.