Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g., that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well-behaved. Instead, they must be executed in a secure environment that provides fine-grain control of the allowable interactions between them, and between components and other system resources.

In this paper, we consider the problem of assembling concurrent software systems from untrusted or partially trusted off-the-shelf components, using wrapper programs to encapsulate components and enforce security policies. We introduce a model programming language, the box-π calculus, that supports composition of software components and the enforcement of information flow security policies. Several example wrappers are expressed using the calculus; we explore the delicate security properties they guarantee. We present a novel causal type system that statically captures the allowed flows between wrapped, possibly badly-typed components; we use it to prove that an example ordered pipeline wrapper enforces a causal flow property.