On Access Checking in Capability-Based Systems
IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Concurrent constraint programming
Concurrent constraint programming
Default timed concurrent constraint programming
POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
IEEE Transactions on Software Engineering - Special issue on formal methods in software practice
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
Protection in operating systems
Communications of the ACM
Temporal concurrent constraint programming: denotation, logic and applications
Nordic Journal of Computing
The transfer of information and authority in a protection system
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
The Confused Deputy: (or why capabilities might have been invented)
ACM SIGOPS Operating Systems Review
PROGRAMMING SEMANTICS FOR MULTIPROGRAMMED COMPUTATIONS
PROGRAMMING SEMANTICS FOR MULTIPROGRAMMED COMPUTATIONS
Concepts, Techniques, and Models of Computer Programming
Concepts, Techniques, and Models of Computer Programming
Secure Systems Development with UML
Secure Systems Development with UML
A practical formal model for safety analysis in capability-based systems
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
The structure of authority: why security is not a separable concern
MOZ'04 Proceedings of the Second international conference on Multiparadigm Programming in Mozart/Oz
The oz-e project: design guidelines for a secure multiparadigm programming language
MOZ'04 Proceedings of the Second international conference on Multiparadigm Programming in Mozart/Oz
Non-delegatable authorities in capability systems
Journal of Computer Security
Formal Aspects in Security and Trust
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
Concurrency among strangers: programming in E as plan coordination
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
A practical formal model for safety analysis in capability-based systems
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Capabilities for information flow
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Modelling Access Propagation in Dynamic Systems
ACM Transactions on Information and System Security (TISSEC)
| Hi-index | 0.00 |
We present a formal system that models programmable abstractions for access control. Composite abstractions and patterns of arbitrary complexity are modeled as a configuration of communicating subjects. The subjects in the model can express behavior that corresponds to how information and authority are propagated in capability systems. The formalism is designed to be useful for analyzing how information and authority are confined in arbitrary configurations, but it will also be useful in the reverse sense, to calculate the necessary restrictions in a subject's behavior when a global confinement policy is given. We introduce a subclass of these systems we call "saturated", that can provide safe and tractable approximations for the safety properties in arbitrary configurations of collaborating entities.