Behavioural typing for safe ambients

We introduce a typed variant of Safe Ambients, named Secure Safe Ambients (SSA), whose type system allows behavioural invariants of ambients to be expressed and verified. The most significant aspect of the type system is its ability to capture both explicit and implicit process and ambient behaviour: process types account not only for immediate behaviour, but also for the behaviour resulting from capabilities a process acquires during its evolution in a given context. On that basis, the type system provides for static detection of security attacks such as Trojan horses and other combinations of malicious agents. We study the type system of SSA, define algorithms for type checking and type reconstruction, define languages for expressing security properties, and study a distributed version of SSA and its type system. For the latter, we show that distributed type checking ensures security even in ill-typed contexts, and discuss how it relates to the security architecture of the Java Virtual Machine.
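The distinction the abstract draws, between the capabilities a process exhibits immediately and those it acquires once it runs in a context, is the part a reader most often wants to see concretely. The following Python toy is an added illustration written for this page; it is not the SSA calculus or its type system, and it deliberately simplifies the ambient calculus to capabilities, co-capabilities, local exchange of a single capability, and `open`. The ambient names (`host`, `a`, `courier`, `b`), the exfiltration policy, and the over-approximation that any variable may hold any capability published on the local exchange are all assumptions of the example. It constructs a two-agent Trojan horse: `a` enters `host` and contains no `out host` prefix, yet it opens a child `courier` that publishes `out host`, reads it, and exercises it. A check on immediate prefixes misses this; a check on acquired behaviour flags it.

```python
"""Toy behavioural analysis for a safe-ambient-like calculus (added example,
NOT the SSA type system of the paper).  Illustrates the gap between the
capabilities a process shows immediately and those it acquires by reading
them from an exchange once it runs inside a given ambient."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Cap:
    kind: str   # "in" | "out" | "open", or co-capabilities "co-in" | "co-out" | "co-open"
    name: str


@dataclass(frozen=True)
class Input:   # (x).  binds x to a capability read from the local exchange
    var: str


@dataclass(frozen=True)
class Var:     # x.    exercises whatever capability x was bound to
    var: str


@dataclass(frozen=True)
class Output:  # <M>   publishes a capability on the local exchange
    cap: Cap


@dataclass
class Thread:  # a sequential process  pi_1 . pi_2 . ... . 0
    prefixes: list


@dataclass
class Amb:     # an ambient  n[ P ]
    name: str
    body: list  # Thread | Amb


def _threads(items):
    return [t for t in items if isinstance(t, Thread)]


def _ambients(items):
    return [a for a in items if isinstance(a, Amb)]


def _caps(threads, kind=None):
    return {p for t in threads for p in t.prefixes
            if isinstance(p, Cap) and (kind is None or p.kind == kind)}


def immediate_caps(amb: Amb) -> set:
    """Capabilities written as prefixes in the ambient's own threads only."""
    return _caps(_threads(amb.body))


def _released_threads(amb: Amb):
    """Threads that may run directly inside `amb` once it opens every child
    offering a matching co-open (an opened child's content is released into
    `amb`).  Iterates to a fixpoint: an opened child may carry further
    openable children."""
    threads, kids = list(_threads(amb.body)), list(_ambients(amb.body))
    changed = True
    while changed:
        changed = False
        opens = {c.name for c in _caps(threads, "open")}
        for kid in list(kids):
            kid_threads = _threads(kid.body)
            if kid.name in opens and Cap("co-open", kid.name) in _caps(kid_threads):
                kids.remove(kid)
                threads += kid_threads
                kids += _ambients(kid.body)
                changed = True
    return threads


def behaviour(amb: Amb) -> set:
    """Over-approximation of every capability `amb` may exercise: its prefixes
    (including released ones) plus, if any variable is ever exercised, every
    capability published on the local exchange (assumption: we do not track
    which input bound which variable)."""
    threads = _released_threads(amb)
    exchange = {p.cap for t in threads for p in t.prefixes if isinstance(p, Output)}
    exercised = _caps(threads)
    if any(isinstance(p, Var) for t in threads for p in t.prefixes):
        exercised |= exchange
    return exercised


def check_guests(system, host: str, forbidden: set) -> dict:
    """Policy (assumed for the example): any top-level ambient that may enter
    `host` must never exercise a forbidden capability.
    Returns {ambient name: violating capabilities}."""
    violations = {}
    for amb in _ambients(system):
        beh = behaviour(amb)
        if Cap("in", host) in beh and beh & forbidden:
            violations[amb.name] = beh & forbidden
    return violations


# Constructed sample system (not from the paper).
HOST = "host"
EXFIL_POLICY = {Cap("out", HOST)}   # nothing that enters host may leave it again
trojan = Amb("a", [
    Thread([Cap("in", HOST), Cap("open", "courier"), Input("x"), Var("x")]),
    Amb("courier", [Thread([Cap("co-open", "courier"), Output(Cap("out", HOST))])]),
])
honest = Amb("b", [Thread([Cap("in", HOST), Cap("co-open", "b")])])
SYSTEM = [trojan, honest]

if __name__ == "__main__":
    print("immediate(a):", immediate_caps(trojan))
    print("behaviour(a):", behaviour(trojan))
    print("violations  :", check_guests(SYSTEM, HOST, EXFIL_POLICY))
```

Neither `a` nor `courier` violates the policy on its own: `a` never writes `out host`, and `courier` only publishes it without exercising it. Only the combined behaviour, obtained by tracking what `a` acquires after opening `courier`, reveals the exfiltration, which is the kind of "combination of malicious agents" the abstract refers to. The analysis is deliberately conservative (every exchanged capability is attributed to every variable), so it can reject benign systems; the paper's type system is the place to look for a precise treatment.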
