Using Constraints To Analyze And Generate Safe Capability Patterns

We present a dual-purpose CCP application for capability-based security. In the first setting, the application analyzes capability patterns of collaboration by calculating upper bounds on the propagation of (overt) causal influence. In this setting, all the relied-upon restrictions on the behavior of the subjects in the pattern are given as input and transformed into constraint propagators. In the second setting, the application calculates how the behavior of a (set of) trusted subject(s) in the pattern should be restricted, given the global safety properties that have to be respected. From earlier theoretical results [SV05], we are confident that our approach is complete (all safety breaches are found and the proposed restrictions on behavior are sufficient). Because the tool is currently at a very early stage of its implementation, we only present a small set of preliminary quantitative results.
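As an added illustration of the two settings the abstract describes, the following Python model computes the same two things in miniature: an upper bound on how far authority can spread when every subject not explicitly restricted is assumed to do everything it can (setting 1), and a sufficient set of behavior restrictions for the trusted subjects that keeps a forbidden edge unreachable (setting 2). This is not the paper's CCP application: it uses a plain fixpoint loop with a derivation trace instead of constraint propagators, models only one behavior ("pass a held capability on to another subject you hold a capability to"), and the subject names, the pattern and the safety property are constructed for the example.

```python
"""Added illustration, not the paper's CCP/Oz tool: a small fixpoint model
of capability propagation under behavior restrictions, mirroring the two
settings of the abstract.  Subject names, the pattern, the safety property
and the single "pass" behavior are constructed assumptions."""


def subjects_of(caps):
    return sorted({x for edge in caps for x in edge})


def closure(caps, restricted=frozenset(), trace=None):
    """Setting 1: upper bound on overt authority propagation.

    caps       -- set of (holder, target): holder has a capability to target
    restricted -- pass actions (s, t, u) that subject s will NOT perform,
                  i.e. s never hands its capability to u over to t.  Every
                  action not listed here is assumed to happen (worst case),
                  which is what makes the result an upper bound.
    trace      -- optional dict; records for each derived edge the action
                  that first produced it (used by setting 2).
    Every subject is assumed to hold a capability to itself, so it can
    always hand out its own reference.
    """
    reach = set(caps) | {(s, s) for s in subjects_of(caps)}
    changed = True
    while changed:
        changed = False
        for s in subjects_of(caps):  # sorted: deterministic derivations
            held = sorted(u for h, u in reach if h == s)
            for t in held:
                if t == s:
                    continue  # passing to oneself changes nothing
                for u in held:
                    action = (s, t, u)
                    if action in restricted or (t, u) in reach:
                        continue
                    reach.add((t, u))  # s gave t a capability to u
                    if trace is not None:
                        trace[(t, u)] = action
                    changed = True
    return reach


def violations(reach, forbidden):
    """Forbidden edges that the upper bound says can be reached."""
    return sorted(e for e in forbidden if e in reach)


def trusted_action_behind(edge, trace, trusted):
    """Depth-first walk over the recorded derivation of `edge`, returning
    the first action performed by a trusted subject, or None."""
    stack, seen = [edge], set()
    while stack:
        e = stack.pop()
        if e in seen or e not in trace:  # initial edges have no derivation
            continue
        seen.add(e)
        s, t, u = trace[e]
        if s in trusted:
            return (s, t, u)
        stack.extend([(s, t), (s, u)])  # the edges the action relied on
    return None


def restrictions_for(caps, forbidden, trusted):
    """Setting 2: which pass actions must the trusted subjects refuse so
    that no forbidden edge is reachable?  Greedy: while a forbidden edge is
    derivable, walk its derivation back to a trusted subject's action and
    restrict it.  Returns (restricted, ok); ok is False when a forbidden
    edge is derivable from initial capabilities and untrusted subjects'
    actions alone, in which case no restriction on the trusted subjects can
    enforce the property.  Terminates because each round restricts a new
    action out of a finite set.
    """
    restricted = set()
    while True:
        trace = {}
        bad = violations(closure(caps, restricted, trace), forbidden)
        if not bad:
            return restricted, True
        action = trusted_action_behind(bad[0], trace, trusted)
        if action is None:
            return restricted, False
        restricted.add(action)


# Constructed pattern: Alice (the only trusted subject) holds capabilities
# to Bob and Carol; Bob holds one to Mallory.  Safety property: Mallory
# must never obtain a capability to Carol.
PATTERN = {("Alice", "Bob"), ("Alice", "Carol"), ("Bob", "Mallory")}
FORBIDDEN = {("Mallory", "Carol")}
TRUSTED = {"Alice"}

if __name__ == "__main__":
    print("unrestricted violations:", violations(closure(PATTERN), FORBIDDEN))
    restricted, ok = restrictions_for(PATTERN, FORBIDDEN, TRUSTED)
    print("enforceable by restricting Alice:", ok)
    for s, t, u in sorted(restricted):
        print(f"  {s} must not pass its capability to {u} on to {t}")
```

The unrestricted closure reaches the forbidden edge (Alice hands Carol to Bob, Bob hands Carol to Mallory), so the pattern is unsafe unless Alice is restricted. Setting 2 then returns a set of pass actions that Alice must refuse; every one of them names Alice, and the closure under those restrictions contains no forbidden edge. Declaring a different subject trusted, say only Carol, makes the property unenforceable, because the breach above needs no cooperation from Carol at all. The restriction set is sufficient but not claimed minimal, which is where the paper's constraint-based formulation goes further than this toy.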

[1] Jack B. Dennis et al. Programming semantics for multiprogrammed computations. CACM, 1966.

[2] Peter Van Roy et al. A Practical Formal Model for Safety Analysis in Capability-Based Systems. TGC, 2005.

[3] Yves Deville et al. Speeding Up Constrained Path Solvers with a Reachability Propagator. CP, 2005.

[4] Jeffrey D. Ullman et al. Protection in operating systems. CACM, 1976.

[5] Matt Bishop et al. Extending The Take-Grant Protection System. 1996.

[6] Emden R. Gansner et al. Drawing graphs with dot. 2006.

[7] Emden R. Gansner et al. An open graph visualization system and its applications to software engineering. Softw. Pract. Exp., 2000.

[8] Jonathan S. Shapiro et al. Paradigm Regained: Abstraction Mechanisms for Access Control. ASIAN, 2003.

[9] Peter Van Roy et al. Concepts, Techniques, and Models of Computer Programming. 2004.

[10] Lawrence Snyder et al. The transfer of information and authority in a protection system. SOSP '79, 1979.

[11] Christian Schulte. Programming Constraint Services: High-Level Programming of Standard and New Constraint Services. 2002.

[12] Gert Smolka et al. The Oz Programming Model. Computer Science Today, 1996.

[13] Joshua D. Guttman et al. Programming Cryptographic Protocols. TGC, 2005.

[14] Richard J. Lipton et al. A Linear Time Algorithm for Deciding Subject Security. JACM, 1977.

[16] Jan Jürjens et al. Secure systems development with UML. 2004.