Static Validation of Licence Conformance Policies

Policy conformance is a security property gaining importance due to commercial interest like Digital Rights Management. It is well known that static analysis can be used to validate a number of more classical security policies, such as discretionary and mandatory access control policies, as well as communication protocols using symmetric and asymmetric cryptography. In this work we show how to develop a Flow Logic for validating the conformance of client software with respect to a licence conformance policy. Our approach is sufficiently flexible that it extends to fully open systems that can admit new services on the fly.

[1]  Flemming Nielson,et al.  Sandboxing in myKlaim , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[2]  Flemming Nielson,et al.  Flow Logic: A Multi-paradigmatic Approach to Static Analysis , 2002, The Essence of Computation.

[3]  Flemming Nielson,et al.  Principles of Program Analysis , 1999, Springer Berlin Heidelberg.

[4]  Rocco De Nicola,et al.  Types for access control , 2000, Theor. Comput. Sci..

[5]  Rocco De Nicola,et al.  KLAIM: A Kernel Language for Agents Interaction and Mobility , 1998, IEEE Trans. Software Eng..

[6]  Emilio Tuosto,et al.  The Klaim Project: Theory and Practice , 2003, Global Computing.