Generative communication in Linda
ACM Transactions on Programming Languages and Systems (TOPLAS)
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
KLAIM: A Kernel Language for Agents Interaction and Mobility
IEEE Transactions on Software Engineering
Coordinating Multiagent Applications on the WWW: A Reference Architecture
IEEE Transactions on Software Engineering
Proceedings of the 21st international conference on Software engineering
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Resource access control in systems of mobile agents
Information and Computation
JavaSpaces Principles, Patterns, and Practice
JavaSpaces Principles, Patterns, and Practice
Types for the ambient calculus
Information and Computation - IFIP TCS2000
Coordination for Internet Application Development
Autonomous Agents and Multi-Agent Systems
ISADS '01 Proceedings of the Fifth International Symposium on Autonomous Decentralized Systems
IBM Systems Journal
Resource access and mobility control with dynamic privileges acquisition
ICALP'03 Proceedings of the 30th international conference on Automata, languages and programming
Security boundaries in mobile ambients
Computer Languages, Systems and Structures
Editorial message: special track on the programming languages
Proceedings of the 2004 ACM symposium on Applied computing
Confining data and processes in global computing applications
Science of Computer Programming - Special issue on security issues in coordination models, languages, and systems
History-based access control for distributed processes
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
| Hi-index | 0.00 |
We present a programming notation aiming at protecting the secrecy of both host and agent data in global computing applications. The approach exploits annotations with sets of node addresses, called regions. A datum can be annotated with a region that specifies the network nodes that are allowed to interact with it. Network nodes come eqipped with two region annotations specifying the nodes that can send data and spawn processes over them. The langauge semantics guarantees that computation proceeds according to these region constraints. To minimize the overhead of runtime checks, a static compilation phase is exploited. The proposed approach is largely independent of a specific programming language; however, to put it in concrete form, here we focus on its integration within the process language μKLAIM. We prove that in compiled μKLAIM nets, data can be manipulated only by authorized users. We also give a more local formulation of this property, where only a subnet is compiled. Finally, we use our theory to model the secure behaviour of a UNIX-like multiuser system.