A Calculus for Access Control in Distributed Systems. ACM Transactions on Programming Languages and Systems (TOPLAS).
Authentication in the Taos Operating System. ACM Transactions on Computer Systems (TOCS), special issue on operating systems principles.
Proceedings of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.
CCS '99: Proceedings of the 6th ACM Conference on Computer and Communications Security.
The CONTINUE Server (or, How I Administered PADL 2002 and 2003). PADL '03: Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages.
Generic Programming within Dependently Typed Programming. Proceedings of the IFIP TC2/WG2.1 Working Conference on Generic Programming.
A Judgmental Reconstruction of Modal Logic. Mathematical Structures in Computer Science.
Non-Interference in Constructive Authorization Logic. CSFW '06: Proceedings of the 19th IEEE Workshop on Computer Security Foundations.
Polymorphism and Separation in Hoare Type Theory. Proceedings of the 11th ACM SIGPLAN International Conference on Functional Programming.
Access Control in a Core Calculus of Dependency. Proceedings of the 11th ACM SIGPLAN International Conference on Functional Programming.
An Authorization Logic with Explicit Time. CSF '08: Proceedings of the 21st IEEE Computer Security Foundations Symposium.
Fable: A Language for Enforcing User-Defined Security Policies. SP '08: Proceedings of the 2008 IEEE Symposium on Security and Privacy.
AURA: A Programming Language for Authorization and Audit. Proceedings of the 13th ACM SIGPLAN International Conference on Functional Programming.
A Library for Light-Weight Information-Flow Security in Haskell. Proceedings of the First ACM SIGPLAN Symposium on Haskell.
Variations in Access Control Logic. DEON '08: Proceedings of the 9th International Conference on Deontic Logic in Computer Science.
Modal Types for Mobile Code. ESOP '09: Proceedings of the 18th European Symposium on Programming Languages and Systems, held as part of the Joint European Conferences on Theory and Practice of Software (ETAPS 2009).
Substructural Operational Semantics as Ordered Logic Programming. LICS '09: Proceedings of the 24th Annual IEEE Symposium on Logic in Computer Science.
Distributed Programming with Distributed Authorization. Proceedings of the 5th ACM SIGPLAN Workshop on Types in Language Design and Implementation.
PCAL: Language Support for Proof-Carrying Authorization Systems. ESORICS '09: Proceedings of the 14th European Conference on Research in Computer Security.
Specifying and Reasoning about Dynamic Access-Control Policies. IJCAR '06: Proceedings of the Third International Joint Conference on Automated Reasoning.
Device-Enabled Authorization in the Grey System. ISC '05: Proceedings of the 8th International Conference on Information Security.
Enforcing Stateful Authorization and Information Flow Policies in Fine. ESOP '10: Proceedings of the 19th European Conference on Programming Languages and Systems.
Idris: Systems Programming Meets Full Dependent Types. Proceedings of the 5th ACM Workshop on Programming Languages Meets Program Verification.
Flexible Dynamic Information Flow Control in Haskell. Proceedings of the 4th ACM Symposium on Haskell.
Secure Multi-Execution in Haskell. PSI '11: Proceedings of the 8th International Conference on Perspectives of System Informatics.
Addressing Covert Termination and Timing Channels in Concurrent Information Flow Systems. Proceedings of the 17th ACM SIGPLAN International Conference on Functional Programming.
Dependent Type Theory for Verification of Information Flow and Access Control Policies
ACM Transactions on Programming Languages and Systems (TOPLAS)
Several recent security-typed programming languages, such as Aura, PCML5, and Fine, allow programmers to express and enforce access control and information flow policies. In this paper, we show that security-typed programming can be embedded as a library within a general-purpose dependently typed programming language, Agda. Our library, Aglet, accounts for the major features of existing security-typed programming languages, such as decentralized access control, typed proof-carrying authorization, ephemeral and dynamic policies, authentication, spatial distribution, and information flow. The implementation of Aglet consists of the following ingredients: First, we represent the syntax and proofs of an authorization logic, Garg and Pfenning's BL0, using dependent types. Second, we implement a proof search procedure, based on a focused sequent calculus, to ease the burden of constructing proofs. Third, we represent computations using a monad indexed by pre- and post-conditions drawn from the authorization logic, which permits ephemeral policies that change during execution. We describe the implementation of our library and illustrate its use on a number of the benchmark examples considered in the literature.