Audit-Based Access Control for Electronic Health Records
Electronic Notes in Theoretical Computer Science (ENTCS)
Policies and proofs for code auditing
ATVA'07 Proceedings of the 5th international conference on Automated technology for verification and analysis
A certified distributed security logic for authorizing code
TYPES'06 Proceedings of the 2006 international conference on Types for proofs and programs
Hi-index | 0.00 |
We present a system, BLF, that combines an authorizationlogic based on the Binder language with a logicalframework, LF, able to express semantic properties of programs.BLF is a general system for specifying and enforcingpolicies that rely on both reason and trust. In particular,BLF supports extensible software systems that employboth digitally signed code and language-based security, especiallyproof-carrying code. We describe BLF, establishsome of its fundamental properties, and explain its use.