Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well-behaved. Instead, they must be executed in a secure environment, or wrapper, that provides fine-grained control of the allowable interactions between them, and between components and other system resources.

In this paper we study such wrappers, focusing on how they can be expressed in a way that enables their security properties to be stated and proved rigorously. We introduce a model programming language, the box-pi calculus, that supports composition of software components and the enforcement of security policies. Several example wrappers are expressed using the calculus; we explore the delicate security properties they guarantee.
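The wrapper idea described above, as an added illustration in Python (this is not the box-pi calculus and not the paper's own code): every component holds no channel directly, only a `send` callable bound to its own identity, and a mediating wrapper consults a per-component policy before forwarding any message, whether the target is a system resource or another component. The component names (`plugin`, `uploader`), channel names (`user_data`, `screen`, `net`, `upload`) and the sample e-mail address are constructed for this example.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set, Tuple

# (sender, channel, payload) as recorded by the wrapper
Event = Tuple[str, str, object]


@dataclass
class Trace:
    delivered: List[Event] = field(default_factory=list)
    blocked: List[Event] = field(default_factory=list)


class Wrapper:
    """Mediates every send between components and resources.

    policy maps a component name to the set of channels it may send on.
    A handler bound to a channel receives (payload, send), where send is
    already bound to the handler's owner, so onward messages are attributed
    to the callee and checked against the callee's own permissions.
    """

    def __init__(self, policy: Dict[str, Set[str]]) -> None:
        self.policy = policy
        self.handlers: Dict[str, Tuple[str, Callable]] = {}
        self.trace = Trace()

    def bind(self, owner: str, channel: str, handler: Callable) -> None:
        self.handlers[channel] = (owner, handler)

    def send(self, sender: str, channel: str, payload: object) -> Optional[object]:
        allowed = self.policy.get(sender, set())
        if channel not in allowed or channel not in self.handlers:
            self.trace.blocked.append((sender, channel, payload))
            return None
        owner, handler = self.handlers[channel]
        self.trace.delivered.append((sender, channel, payload))
        return handler(payload, lambda ch, p: self.send(owner, ch, p))


def build_demo(grant_upload: bool) -> Tuple[Wrapper, List[object], List[object]]:
    """Constructed scenario: a plugin may read personal data and draw on the
    screen; a separate uploader may reach the net. Whether the plugin may talk
    to the uploader at all is the policy decision under test."""
    net_log: List[object] = []
    screen_log: List[object] = []
    personal = {"email": "alice@example.org"}  # constructed sample data

    plugin_channels = {"user_data", "screen"}
    if grant_upload:
        plugin_channels.add("upload")
    w = Wrapper(policy={"plugin": plugin_channels, "uploader": {"net"}})

    # System resources, owned by "system" (which itself sends nothing).
    w.bind("system", "user_data", lambda key, _send: personal.get(key))
    w.bind("system", "screen", lambda text, _send: screen_log.append(text))
    w.bind("system", "net", lambda data, _send: net_log.append(data))
    # A second component whose own permission includes the net.
    w.bind("uploader", "upload", lambda data, send: send("net", data))
    return w, net_log, screen_log


def run_plugin(w: Wrapper) -> Optional[object]:
    """The untrusted component's behaviour: read a secret, then try four ways
    of interacting with the rest of the system."""
    send = lambda ch, p: w.send("plugin", ch, p)
    email = send("user_data", "email")   # allowed: read personal data
    send("screen", f"Hello {email}")     # allowed: show it to the user
    send("net", email)                   # blocked: direct leak to the net
    send("upload", email)                # blocked unless plugin may reach uploader
    return email


if __name__ == "__main__":
    for grant in (False, True):
        w, net_log, screen_log = build_demo(grant)
        run_plugin(w)
        print(f"plugin may use upload={grant}: net={net_log}, "
              f"blocked={[e[1] for e in w.trace.blocked]}")
```

The second run is the instructive one: granting the plugin a channel to the uploader leaks the e-mail address even though the plugin itself was never allowed to send on `net`. That is why the abstract insists on controlling interactions between components, not only between components and system resources, and why the paper's causality types track which component a message ultimately originated from.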