POPL '88 Proceedings of the 15th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Authentication in the Taos operating system
ACM Transactions on Computer Systems (TOCS) - Special issue on operating systems principles
The type and effect discipline
Information and Computation
A language with distributed scope
POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Making the future safe for the past: adding genericity to the Java programming language
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Is the Java type system sound?
Theory and Practice of Object Systems - Special issue on foundations of object-oriented languages
Integrating functional and imperative programming
LFP '86 Proceedings of the 1986 ACM conference on LISP and functional programming
Featherweight Java: a minimal core calculus for Java and GJ
Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Authentication primitives and their compilation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Enforcing high-level protocols in low-level software
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Information and Computation - FOOL VII
A Semantic Model for Authentication Protocols
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Authenticity by typing for security protocols
Journal of Computer Security - Special issue on CSFW14
Securing Java RMI-Based Distributed Applications
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Validating a web service security abstraction by typing
Formal Aspects of Computing
Validating a web service security abstraction by typing
Formal Aspects of Computing
Non-Interference in Constructive Authorization Logic
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Access control in a core calculus of dependency
Proceedings of the eleventh ACM SIGPLAN international conference on Functional programming
Featherweight generic confinement
Journal of Functional Programming
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Do As I SaY! Programmatic Access Control with Explicit Identities
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
A Type Discipline for Authorization in Distributed Systems
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Encapsulating objects with confined types
ACM Transactions on Programming Languages and Systems (TOPLAS)
A distributed object-oriented language with session types
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
A type discipline for authorization policies
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
A linear logic of authorization and knowledge
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Do You Know Where Your Data's Been? --- Tamper-Evident Database Provenance
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Towards a theory of accountability and audit
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
The Foundations for Provenance on the Web
Foundations and Trends in Web Science
A core calculus for provenance
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Functional programs that explain their work
Proceedings of the 17th ACM SIGPLAN international conference on Functional programming
A core calculus for provenance
Journal of Computer Security - Security and Trust Principles
| Hi-index | 0.00 |
Existing web services and mashups exemplify the need for flexible construction of distributed applications. How to do so securely remains a topic of current research.We present TAPIDO, a programming model to address Trust and Authorization concerns via Provenance and Integrity in systems of Distributed Objects. Creation of TAPIDO objects requires (static) authorization checks and their communication provides fine-grain control of their embedded authorization effects. TAPIDO programs constrain such delegation of rights by using provenance information. A type-and-effect system with effect polymorphism provides static support for the programmer to reason about security policies. We illustrate the programming model and static analysis with example programs and policies.