A programming notation is introduced that can be used for protecting secrecy and integrity of data in global computing applications. The approach is based on explicit annotations of data and network nodes. Data are tagged with information about the allowed movements; network nodes are tagged with information about the nodes that can send data and spawn processes to them. The annotations are used to confine movements of data and processes. The approach is illustrated by applying it to three paradigmatic calculi for global computing, namely CKLAIM (a calculus at the basis of KLAIM), Dπ (a distributed version of the π-calculus) and the Mobile Ambients Calculus. For all of these formalisms, it is shown that their semantics guarantees that computations proceed only while respecting confinement constraints. Namely, it is proven that, after successful static type checking, data can reside at and cross only authorised nodes. "Local" formulations of this property, where only relevant subnets type check, are also presented. Finally, the theory is tested by using it to model secure behaviours of a UNIX-like multiuser system.