Communication and concurrency
Flow models of distributed computations: three equivalent semantics for CCS
Information and Computation
Language Primitives and Type Discipline for Structured Communication-Based Programming
ESOP '98 Proceedings of the 7th European Symposium on Programming: Programming Languages and Systems
Types and Subtypes for Client-Server Interactions
ESOP '99 Proceedings of the 8th European Symposium on Programming Languages and Systems
Multiparty asynchronous session types
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A secure compiler for session abstractions
Journal of Computer Security - 20th IEEE Computer Security Foundations Symposium (CSF)
Cryptographic Protocol Synthesis and Verification for Multiparty Sessions
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Session types for access and information flow control
CONCUR'10 Proceedings of the 21st international conference on Concurrency theory
Hi-index | 0.00 |
Distributed applications may be specified as parallel compositions of processes that summarize their global interactions and hide local implementation details. These processes define a fixed protocol (also known as a contract, or a session) which may be used for instance to compile or verify code for these applications. Security is a concern when the runtime environment for these applications is not fully trusted. Then, parts of their implementation may run on remote, corrupted machines, which do not comply with the global process specification. To mitigate this concern, one may write defensive implementations that monitor the application run and perform cryptographic checks. However, hand crafting such implementations is ad hoc and error-prone. We develop a theory of secure implementations for process specifications. We propose a generic defensive implementation scheme, relying on history-tracking mechanisms, and we identify sufficient conditions on processes, expressed as a new type system, that ensure that our implementation is secure for all integrity properties. We illustrate our approach on a series of examples and special cases, including an existing implementation for sequential multiparty sessions.