AURA: Preliminary Technical Results

This paper presents AURA, a programming language for access control that treats ordinary programming constructs (e.g., integers and recursive functions) and authorization-logic constructs (e.g., principals and access control policies) in a uniform way. AURA is based on polymorphic DCC and uses dependent types to permit assertions that refer directly to AURA values, while keeping computation out of the assertion level to ensure tractability. The main technical results of this paper are fully mechanically verified proofs of decidability and soundness for AURA's type system, together with a prototype typechecker and interpreter.

Comments: University of Pennsylvania Department of Computer and Information Science Technical Report No. MS-CIS-08-10.

Author(s): Limin Jia, Jeffrey A. Vaughan, Karl Mazurak, Jianzhou Zhao, Luke Zarko, Joseph Schorr, and Stephan A. Zdancewic

This technical report is available at ScholarlyCommons: http://repository.upenn.edu/cis_reports/886
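The abstract names two design points without showing syntax: assertions mention ordinary values (a user, a file name), and the assertion level contains data only, so proof checking is a structural comparison rather than evaluation. The following added Python model (not code from the paper, and not AURA's actual syntax or typing rules) illustrates both in a DCC-style "says" logic: principals, `P says A`, `unit` and `bind`, and a checker that either recovers the proposition a proof term establishes or rejects it. The policy, the credential, the principal `Admin`, the predicates `Owns`/`MayRead`, and the file names are all constructed for the example.

```python
"""Toy proof checker for a DCC-style authorization logic (constructed illustration, not AURA)."""
from dataclasses import dataclass
from typing import Any, Dict, Tuple, Union


class CheckError(Exception):
    """Raised when a proof term does not establish the proposition it claims."""


# ---- Assertion level: propositions are plain data, never computation ----

@dataclass(frozen=True)
class Atom:
    """Atomic assertion over ordinary values, e.g. MayRead("alice", "secret.txt")."""
    pred: str
    args: Tuple[Any, ...]

    def __post_init__(self) -> None:
        for a in self.args:            # keep computation out of the assertion level
            if callable(a):
                raise CheckError(f"computation inside assertion {self.pred}: {a!r}")


@dataclass(frozen=True)
class Says:
    """P says A: principal P vouches for A (the DCC monad)."""
    principal: str
    prop: "Prop"


@dataclass(frozen=True)
class Implies:
    ante: "Prop"
    cons: "Prop"


Prop = Union[Atom, Says, Implies]


# ---- Proof terms: the evidence a client presents with a request ----

@dataclass(frozen=True)
class Hyp:      # use a hypothesis from the context (a credential or a policy)
    name: str


@dataclass(frozen=True)
class Unit:     # DCC unit: from a proof of A build a proof of P says A
    principal: str
    body: "Proof"


@dataclass(frozen=True)
class Bind:     # DCC bind: from P says A and (x : A |- P says B) conclude P says B
    scrutinee: "Proof"
    var: str
    body: "Proof"


@dataclass(frozen=True)
class App:      # modus ponens: from A -> B and A conclude B
    fn: "Proof"
    arg: "Proof"


Proof = Union[Hyp, Unit, Bind, App]


def check(ctx: Dict[str, Prop], pf: Proof) -> Prop:
    """Return the proposition `pf` proves under `ctx`, or raise CheckError.

    Purely structural: propositions are compared with ==, nothing inside them is
    evaluated, and every recursive call is on a smaller term, so it terminates.
    """
    if isinstance(pf, Hyp):
        if pf.name not in ctx:
            raise CheckError(f"unknown hypothesis {pf.name}")
        return ctx[pf.name]
    if isinstance(pf, Unit):
        return Says(pf.principal, check(ctx, pf.body))
    if isinstance(pf, Bind):
        scrut = check(ctx, pf.scrutinee)
        if not isinstance(scrut, Says):
            raise CheckError("bind expects a 'says' proposition")
        result = check({**ctx, pf.var: scrut.prop}, pf.body)
        if not isinstance(result, Says) or result.principal != scrut.principal:
            raise CheckError("bind body must conclude something the same principal says")
        return result   # the bound fact never escapes the monad
    if isinstance(pf, App):
        fn, arg = check(ctx, pf.fn), check(ctx, pf.arg)
        if not isinstance(fn, Implies) or fn.ante != arg:
            raise CheckError(f"cannot apply {fn} to {arg}")
        return fn.cons
    raise CheckError(f"unknown proof form {pf!r}")


def proves(ctx: Dict[str, Prop], pf: Proof, goal: Prop) -> bool:
    """Access decision: True iff `pf` is a valid proof of exactly `goal`."""
    try:
        return check(ctx, pf) == goal
    except CheckError:
        return False


# ---- Constructed sample: a policy, a credential, and a client's proof ----
OWNS = Atom("Owns", ("alice", "secret.txt"))
MAY_READ = Atom("MayRead", ("alice", "secret.txt"))
CTX: Dict[str, Prop] = {
    "policy": Says("Admin", Implies(OWNS, MAY_READ)),   # assumed policy, instantiated for this file
    "cred": Says("Admin", OWNS),                        # assumed credential issued to alice
}
# Open both Admin-signed facts with bind, apply the policy, and re-wrap with unit.
PROOF: Proof = Bind(Hyp("policy"), "p",
                    Bind(Hyp("cred"), "c",
                         Unit("Admin", App(Hyp("p"), Hyp("c")))))
WRONG_GOAL = Says("Admin", Atom("MayRead", ("alice", "report.txt")))  # file the credential never names

if __name__ == "__main__":
    print(proves(CTX, PROOF, Says("Admin", MAY_READ)), proves(CTX, PROOF, WRONG_GOAL))
```

Two points to notice: because `Atom` carries the concrete user and file, the same proof shape is accepted for `secret.txt` and rejected for `report.txt` by plain equality of the antecedent, with no evaluation; and because `Atom` refuses callables, an assertion can never smuggle a computation whose evaluation the checker would have to run (or that might not terminate). AURA itself obtains these properties through its dependently typed assertion language and the mechanized proofs the abstract describes; this model only mimics the shape.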
