Policy algebras for access control: the propositional case
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Enforcing Safety Properties Using Type Specialization
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
Policy-Carrying, Policy-Enforcing Digital Objects
ECDL '00 Proceedings of the 4th European Conference on Research and Advanced Technology for Digital Libraries
A propositional policy algebra for access control
ACM Transactions on Information and System Security (TISSEC)
Assessment of the Java programming language for use in high integrity systems
ACM SIGPLAN Notices
Program specialization for execution monitoring
Journal of Functional Programming
Security of mobile code is a major issue in today's global computing environment. When you download a program from an untrusted source, how can you be sure it will not do something undesirable? In this paper I will discuss a particular approach to this problem called language-based security. In this approach, security information is derived from a program written in a high-level language during the compilation process and is included in the compiled object. This extra security information can take the form of a formal proof, a type annotation, or some other form of certificate or annotation. It can be downloaded along with the object code and automatically verified before the code is run locally, giving some assurance against certain types of failure or unauthorized activity. The verifier must be trusted, but the compiler, the code, and the certificate need not be. Java bytecode verification is an example of this approach. I will give an overview of some recent work in this area, including a particular effort in which we are trying to make the production of certificates and their verification as efficient and invisible as possible.