An algebraic basis for specifying and enforcing access control in security systems

Authors:
Claus Pahl
Affiliations:
School of Computer Applications, Dublin City University, Dublin, Ireland
Venue:
IW-FM'00 Proceedings of the 4th Irish conference on Formal Methods
Year:
2000

Citing 16
Cited 0

Communicating sequential processes

Communicating sequential processes
Acceptance trees

Journal of the ACM (JACM)
Denotational semantics: a methodology for language development

Denotational semantics: a methodology for language development
Notions of computation and monads

Information and Computation
Basic category theory for computer scientists

Basic category theory for computer scientists
The essence of functional programming

POPL '92 Proceedings of the 19th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Fundamentals of computer security technology

Fundamentals of computer security technology
Category theory for computing science, 2nd ed.

Category theory for computing science, 2nd ed.
Security in computing

Security in computing
Secure information flow in a multi-threaded imperative language

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The marriage of effects and monads

ICFP '98 Proceedings of the third ACM SIGPLAN international conference on Functional programming
Computer security

Computer security
A core calculus of dependency

Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Communication and Concurrency

Communication and Concurrency
Modular Denotational Semantics for Compiler Construction

ESOP '96 Proceedings of the 6th European Symposium on Programming Languages and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security services in a multi-user environment are often based on access control mechanisms. Static aspects of an access control policy can be formalised using abstract algebraic models. We integrate these static aspects into a dynamic framework considering requesting access to resources as a process aiming at the prevention of access control violations when a program is executed. We use another algebraic technique, monads, as a meta-language to integrate access control operations into a functional programming language. The integration of monads and concepts from a denotational model for process algebras provides a framework for programming of access control in security systems.