Static enforcement of security with types
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
A sound type system for secure flow analysis
Journal of Computer Security
A lattice model of secure information flow
Communications of the ACM
Stack inspection: theory and variants
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Language Primitives and Type Discipline for Structured Communication-Based Programming
ESOP '98 Proceedings of the 7th European Symposium on Programming: Programming Languages and Systems
Programming languages for information security
Programming languages for information security
Correspondence assertions for process synchronization in concurrent communications
Journal of Functional Programming
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Subtyping for session types in the pi calculus
Acta Informatica
Disciplining Orchestration and Conversation in Service-Oriented Computing
SEFM '07 Proceedings of the Fifth IEEE International Conference on Software Engineering and Formal Methods
Sessions and Pipelines for Structured Service Programming
FMOODS '08 Proceedings of the 10th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
A Type System for Client Progress in a Service-Oriented Calculus
Concurrency, Graphs and Models
Types and Deadlock Freedom in a Calculus of Services, Sessions and Pipelines
AMAST 2008 Proceedings of the 12th international conference on Algebraic Methodology and Software Technology
A calculus for orchestration of web services
ESOP'07 Proceedings of the 16th European conference on Programming
On progress for structured communications
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
SCC: a service centered calculus
WS-FM'06 Proceedings of the Third international conference on Web Services and Formal Methods
A language for task orchestration and its semantic properties
CONCUR'06 Proceedings of the 17th international conference on Concurrency Theory
Session types for object-oriented languages
ECOOP'06 Proceedings of the 20th European conference on Object-Oriented Programming
Calculi for Service-Oriented Computing
Formal Methods for Web Services
Session types for access and information flow control
CONCUR'10 Proceedings of the 21st international conference on Concurrency theory
From ASTD access control policies to WS-BPEL processes deployed in a SOA environment
WISS'10 Proceedings of the 2010 international conference on Web information systems engineering
Enforcing ASTD Access-Control Policies with WS-BPEL Processes in SOA Environments
International Journal of Systems and Service-Oriented Engineering
Modular plans for secure service composition
Journal of Computer Security - ARSPA-WITS'10
| Hi-index | 0.00 |
The growing importance of service-oriented computing has triggered development of formal computational models for service description and orchestration. Several versions of the Service Centered Calculus (SCC) and its successor, the Calculus of Services with Pipelines and Sessions (CaSPiS) have emerged as outcome of those studies, and are based on the notion of interaction patterns called sessions between the service and the client who invokes it. We propose a security oriented extension of Bruni and Mezzina's typed variant of CaSPiS, where security levels have been assigned to service definitions, clients and data. In order to invoke a service, a client must be endowed with an appropriate clearance, and once the service and client agree on the security level, the data exchanged in the initiated session will not exceed this level. We study a type system that statically ensures these security properties.