Privacy by flexible parameterization with Erlang active objects.

Functional active objects are a new paradigm for the implementation of services. They offer safe distributed evaluation with futures and immutable objects, which guarantees an efficient implementation of privacy while providing verified quality assurance through the functional paradigm and a development carried out in an interactive theorem prover. In this paper, we present a novel and highly performant implementation of functional active objects in Erlang. Besides outlining the guiding principles of the interpreter, we show how secure services can be realized based on the classical service triangle, and we prove their security using a formal definition of information flow security for functional active objects.
