Resource Access Control in Systems of Mobile Agents

We describe a typing system for a distributed π-calculus which guarantees that distributed agents cannot access the resources of a system without first being granted the capability to do so. The language studied allows agents to move between distributed locations and to augment their set of capabilities via communication with other agents. The type system is based on the novel notion of a location type, which describes the set of resources available to an agent at a location. Resources are themselves equipped with capabilities, so an agent may be granted permission to send data along a channel at a particular location without being granted permission to read data from the same channel. We also describe a tagged version of the language, in which the capabilities of agents are made explicit in the syntax. Using this tagged language we define access violations as runtime errors and prove that well-typed systems cannot commit such errors.
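The following Python is an added illustration, not code from the paper and not its calculus: it models the tagged semantics sketched above, with each agent carrying an explicit table of the capabilities it holds on each channel at each location ('r' to receive, 'w' to send), capability transfer by sending a channel name together with a subset of the sender's capabilities on it, and an access check on every action so that an unauthorised access surfaces as a runtime error. The location, channel and agent names (`store`, `home`, `data`, `grant`), the action tuples and the round-robin scheduler are all constructed for the example.

```python
"""Toy model of capability-tagged mobile agents (added illustration, not the paper's calculus).

caps[location][channel] is the set of capabilities an agent holds: 'r' (may receive) and
'w' (may send). A channel name may be sent with a subset of the sender's capabilities on
it; the receiver gains exactly those. All names below are constructed for the example.
"""
from collections import deque


class AccessViolation(Exception):
    """A tagged agent used a resource without holding the required capability."""


class Agent:
    def __init__(self, name, loc, caps):
        self.name = name
        self.loc = loc
        # caps is e.g. {"store": {"data": "rw", "grant": "w"}}; stored as sets of capabilities
        self.caps = {l: {c: set(k) for c, k in chans.items()} for l, chans in caps.items()}
        self.received = []

    def holds(self, chan, cap):
        return cap in self.caps.get(self.loc, {}).get(chan, set())

    def require(self, chan, cap):
        if not self.holds(chan, cap):
            raise AccessViolation(f"{self.name} lacks {cap!r} on {chan}@{self.loc}")

    def grant(self, chan, new_caps):
        self.caps.setdefault(self.loc, {}).setdefault(chan, set()).update(new_caps)


class Network:
    """Channels are located: the queue for channel c at location l is keyed (l, c)."""

    def __init__(self):
        self.queues = {}

    def step(self, agent, action):
        """Execute one action; True if it completed, False if the agent blocks."""
        kind = action[0]
        if kind == "go":                        # migration itself is unrestricted here
            agent.loc = action[1]
            return True
        if kind == "send":
            _, chan, value = action
            agent.require(chan, "w")
            if isinstance(value, tuple):        # (chan, caps): a capability transfer
                sent_chan, sent_caps = value
                for cap in sent_caps:           # only capabilities the sender holds may be passed on
                    agent.require(sent_chan, cap)
            self.queues.setdefault((agent.loc, chan), deque()).append(value)
            return True
        if kind == "recv":
            _, chan = action
            agent.require(chan, "r")
            queue = self.queues.get((agent.loc, chan))
            if not queue:
                return False                    # nothing sent yet: block and retry later
            value = queue.popleft()
            if isinstance(value, tuple):
                agent.grant(*value)             # the received name arrives with its capabilities
            agent.received.append(value)
            return True
        raise ValueError(f"unknown action {kind!r}")


def run(agents, scripts, max_rounds=100):
    """Round-robin scheduler for straight-line scripts. True when every agent finishes,
    False on deadlock or round limit; the first AccessViolation propagates."""
    net = Network()
    pc = {a.name: 0 for a in agents}
    for _ in range(max_rounds):
        progressed = False
        for a in agents:
            script = scripts[a.name]
            if pc[a.name] < len(script) and net.step(a, script[pc[a.name]]):
                pc[a.name] += 1
                progressed = True
        if all(pc[a.name] == len(scripts[a.name]) for a in agents):
            return True
        if not progressed:
            return False
    return False


def violates(thunk):
    """True when calling thunk raises AccessViolation."""
    try:
        thunk()
    except AccessViolation:
        return True
    return False


def demo(client_tries_to_read=False):
    """A server at 'store' hands the client write-only access to 'data' over 'grant'."""
    server = Agent("server", "store", {"store": {"data": "rw", "grant": "w"}})
    client = Agent("client", "home", {"store": {"grant": "r"}})
    client_script = [("go", "store"), ("recv", "grant"), ("send", "data", 42)]
    if client_tries_to_read:
        client_script.append(("recv", "data"))  # client was granted 'w' on data, not 'r'
    scripts = {"server": [("send", "grant", ("data", {"w"})), ("recv", "data")],
               "client": client_script}
    finished = run([server, client], scripts)
    return finished, server.received, client.caps["store"]


if __name__ == "__main__":
    print(demo())                                             # (True, [42], {'grant': {'r'}, 'data': {'w'}})
    print(violates(lambda: demo(client_tries_to_read=True)))  # True
```

The send-without-read distinction from the abstract is visible in `demo`: after receiving `("data", {"w"})` the client can send on `data` but a later `recv` on the same channel is an access violation, and an agent cannot forward a capability it does not itself hold (the `require` inside the capability-transfer branch of `send`). In the paper this check is what the type system discharges statically; here it is only the tagged runtime check.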