Notions of computation and monads
Information and Computation
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Foundations of programming languages
Foundations of programming languages
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
A sound type system for secure flow analysis
Journal of Computer Security
Information flow inference for ML
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Representation independence and data abstraction
POPL '86 Proceedings of the 13th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Secure Information Flow via Linear Continuations
Higher-Order and Symbolic Computation
A Language-Based Approach to Security
Informatics - 10 Years Back. 10 Years Ahead.
Monads for Functional Programming
Advanced Functional Programming, First International Spring School on Advanced Functional Programming Techniques-Tutorial Text
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
Secure Information Flow and Pointer Confinement in a Java-like Language
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Authenticity by typing for security protocols
Journal of Computer Security - Special issue on CSFW14
Access control for the web via proof-carrying authorization
Access control for the web via proof-carrying authorization
Translating dependency into parametricity
Proceedings of the ninth ACM SIGPLAN international conference on Functional programming
Stack-based access control and secure information flow
Journal of Functional Programming
End-to-End Availability Policies and Noninterference
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Non-Interference in Constructive Authorization Logic
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Access control in a core calculus of dependency
Proceedings of the eleventh ACM SIGPLAN international conference on Functional programming
Dynamic security labels and static information flow control
International Journal of Information Security
A Type Discipline for Authorization in Distributed Systems
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Dynamic types for authentication
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Fable: A Language for Enforcing User-defined Security Policies
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
AURA: a programming language for authorization and audit
Proceedings of the 13th ACM SIGPLAN international conference on Functional programming
Variations in Access Control Logic
DEON '08 Proceedings of the 9th international conference on Deontic Logic in Computer Science
State-dependent representation independence
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Encoding information flow in Aura
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Inputs of Coma: Static Detection of Denial-of-Service Vulnerabilities
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Logic of infons: The propositional case
ACM Transactions on Computational Logic (TOCL)
AuraConf: a unified approach to authorization and confidentiality
Proceedings of the 7th ACM SIGPLAN workshop on Types in language design and implementation
Unifying facets of information integrity
ICISS'10 Proceedings of the 6th international conference on Information systems security
A type discipline for authorization policies
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Using admissible interference to detect denial of service vulnerabilities
IWFM'03 Proceedings of the 6th international conference on Formal Methods
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
New modalities for access control logics: permission, control and ratification
STM'11 Proceedings of the 7th international conference on Security and Trust Management
Hi-index | 0.00 |
Polymorphic programming languages have been adapted for constructing distributed access control systems, where a program represents a proof of eligibility according to a given policy. As a security requirement, it is typically stated that the programs of such languages should satisfy noninterference. However, this property has not been defined and proven semantically. In this paper, we first propose a semantics based on Henkin models for a predicative polymorphic access control language based on lambda-calculus. A formal semantic definition of noninterference is then proposed through logical relations. We prove a type soundness theorem which states that any well-typed program of our language meets the noninterference property defined in this paper. In this way, it is guaranteed that access requests from an entity do not interfere with those from unrelated or more trusted entities.