Code-Carrying Authorization

In authorization, there is often a wish to shift the burden of proof to those making requests, since they may have more resources and more specific knowledge to construct the required proofs. We introduce an extreme instance of this approach, which we call Code-Carrying Authorization (CCA). With CCA, access-control decisions can partly be delegated to untrusted code obtained at run-time. The dynamic verification of this code ensures the safety of authorization decisions. We define and study this approach in the setting of a higher-order spi calculus. The type system of this calculus provides the needed support for static and dynamic verification.
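As an added illustration that is not the paper's own spi-calculus development, the following Python model shows the shape of CCA: the requester ships an untrusted derivation program, and the guard verifies it (only trusted facts, only known rules, premises referring to earlier steps) before it trusts the program's conclusion. The rule language, the facts and the principal names are all assumptions made for this example.

```python
TRUSTED_FACTS = {                       # facts the guard itself vouches for
    ("owns", "alice", "report.pdf"),
    ("delegates", "alice", "bob", "read"),
}

def rule_delegation(owns, deleg):
    """owns(A, R), delegates(A, B, Act)  ==>  can(B, Act, R); None if misapplied."""
    if None in (owns, deleg) or owns[0] != "owns" or deleg[0] != "delegates":
        return None
    return ("can", deleg[2], deleg[3], owns[2]) if owns[1] == deleg[1] else None

RULES = {"delegation": (rule_delegation, 2)}   # name -> (function, arity)

def verify(program):
    """Check untrusted code before it runs: facts must be trusted, rules known
    and correctly applied, premises earlier steps. None if OK, else a reason."""
    if not program:
        return "empty program"
    for i, step in enumerate(program):
        if step[0] == "fact":
            if step[1] not in TRUSTED_FACTS:
                return f"step {i}: untrusted fact {step[1]}"
        elif step[0] == "apply":
            if step[1] not in RULES or len(step[2]) != RULES[step[1]][1]:
                return f"step {i}: unknown rule or wrong arity"
            if any(not 0 <= j < i for j in step[2]):
                return f"step {i}: premise index out of range"
        else:
            return f"step {i}: unknown instruction {step[0]}"
    return None

def run(program):
    """Execute a verified program; the last step's result is its conclusion."""
    results = []
    for step in program:
        if step[0] == "fact":
            results.append(step[1])
        else:
            results.append(RULES[step[1]][0](*(results[j] for j in step[2])))
    return results[-1]

def authorize(request, program):
    """request = (principal, action, resource). Grant only if the untrusted
    program verifies and then derives exactly can(principal, action, resource)."""
    reason = verify(program)
    if reason is not None:
        return (False, reason)
    if run(program) != ("can",) + tuple(request):
        return (False, "conclusion does not match request")
    return (True, "derived from trusted facts")
```

The guard never evaluates a program that fails verification, so a forged fact or a forward-referencing premise is rejected before any rule runs.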
