AURA: a programming language for authorization and audit

This paper presents AURA, a programming language for access control that treats ordinary programming constructs (e.g., integers and recursive functions) and authorization logic constructs (e.g., principals and access control policies) in a uniform way. AURA is based on polymorphic DCC and uses dependent types to permit assertions that refer directly to AURA values while keeping computation out of the assertion level to ensure tractability. The main technical results of this paper include fully mechanically verified proofs of the decidability and soundness for AURA's type system, and a prototype typechecker and interpreter.
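The abstract describes assertions built from authorization-logic constructs (principals, "A says P") that carry explicit proof terms and contain no computation, so that checking a proof is a structural, decidable operation. The following Python model is an added illustration of that idea and is not AURA's syntax or implementation: the constructors `Signed`, `Unit` and `Delegate`, the `Trusts` proposition and the `authorize` audit record are all assumptions chosen for this example, with `Delegate` standing in for a delegation-shaped use of DCC's bind.

```python
from dataclasses import dataclass
from typing import Union

# ---- Assertion level: principals and propositions are plain data, never code ----
# Keeping computation out of this level is what makes `infer` below a simple
# structural recursion rather than an evaluator.
@dataclass(frozen=True)
class Principal:
    name: str

@dataclass(frozen=True)
class MayAccess:
    """Atomic proposition: `user` may read `resource` (constructed for this example)."""
    user: str
    resource: str

@dataclass(frozen=True)
class Trusts:
    """Atomic proposition: the asserting principal trusts `delegate` on any proposition."""
    delegate: Principal

@dataclass(frozen=True)
class Says:
    """Modal proposition `principal says prop`, as in DCC."""
    principal: Principal
    prop: "Prop"

Prop = Union[MayAccess, Trusts, Says]

# ---- Proof terms: first-class evidence that a proposition holds ----
@dataclass(frozen=True)
class Signed:
    """Credential issued directly by `principal` for `prop` (stands in for a signature)."""
    principal: Principal
    prop: Prop

@dataclass(frozen=True)
class Unit:
    """DCC `return`: a proof of P yields a proof of `A says P` for any principal A."""
    principal: Principal
    proof: "Proof"

@dataclass(frozen=True)
class Delegate:
    """Hypothetical delegation rule in the shape of DCC `bind`:
    from `A says Trusts(B)` and `B says P`, conclude `A says P`."""
    trust: "Proof"   # must prove A says Trusts(B)
    claim: "Proof"   # must prove B says P

Proof = Union[Signed, Unit, Delegate]

class ProofError(Exception):
    pass

def infer(proof: Proof) -> Prop:
    """Return the proposition a proof term establishes. Purely structural:
    every case inspects the term's shape and recurses on strictly smaller terms."""
    if isinstance(proof, Signed):
        return Says(proof.principal, proof.prop)
    if isinstance(proof, Unit):
        return Says(proof.principal, infer(proof.proof))
    if isinstance(proof, Delegate):
        t = infer(proof.trust)
        c = infer(proof.claim)
        if not (isinstance(t, Says) and isinstance(t.prop, Trusts)):
            raise ProofError("delegation premise is not of the form 'A says Trusts(B)'")
        if not (isinstance(c, Says) and c.principal == t.prop.delegate):
            raise ProofError("claim is not asserted by the trusted delegate")
        return Says(t.principal, c.prop)
    raise ProofError(f"unknown proof term {proof!r}")

def check(proof: Proof, goal: Prop) -> bool:
    """A proof is accepted only if it establishes exactly the requested goal."""
    try:
        return infer(proof) == goal
    except ProofError:
        return False

def authorize(server: Principal, user: str, resource: str, proof: Proof) -> dict:
    """Access check: the caller must prove `server says MayAccess(user, resource)`.
    On success the proof term itself is kept as audit evidence for the decision."""
    goal = Says(server, MayAccess(user, resource))
    granted = check(proof, goal)
    return {"granted": granted, "goal": goal, "evidence": proof if granted else None}

# ---- Constructed sample principals and proofs ----
SERVER = Principal("fileserver")
ADMIN = Principal("admin")
ALICE_PROOF = Delegate(Signed(SERVER, Trusts(ADMIN)),
                       Signed(ADMIN, MayAccess("alice", "/srv/report.pdf")))
# A claim signed by a principal the server never delegated to does not check.
BAD_PROOF = Delegate(Signed(SERVER, Trusts(ADMIN)),
                     Signed(Principal("mallory"), MayAccess("mallory", "/srv/report.pdf")))

if __name__ == "__main__":
    print(authorize(SERVER, "alice", "/srv/report.pdf", ALICE_PROOF))
    print(authorize(SERVER, "mallory", "/srv/report.pdf", BAD_PROOF))
```

Because the proposition and proof constructors are inert data, `infer` terminates on every input and the only way to obtain `fileserver says MayAccess(...)` is to present a term whose shape the rules accept; the accepted term doubles as the audit record, which is the link between authorization and audit the abstract points to.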
