Combining Mobile Processes and Declarative Programming

Echahed, Rachid; Serwe, Wendelin

doi:10.1007/3-540-44957-4_20

Cited by 6 publications

(2 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The computational model used in this paper is a simplified version of the one proposed in [4,5]; we refer to these works for a more detailed presentation of the complete model and its implementation. Roughly speaking, a program or a component in our framework consists of two parts K = (F, Π R).…”

Section: Execution Modelmentioning

confidence: 99%

Handling declared information leakage

Echahed

Prost

2005

Proceedings of the 2005 Workshop on Issues in the Theory of Security

View full text Add to dashboard Cite

We address the problem of controlling information leakage in a concurrent declarative programming setting. Our aim is to define formal tools in order to distinguish between authorized, or declared, information flows such as password testing (e.g., ATM, login processes, etc.) and non-authorized ones. We propose to define security policies as rewriting systems. Such policies define how the privacy levels of information evolve. A formal definition of secure processes with respect to a given security policy is given. Non interferenceThe problem of the preservation of the confidentiality of data is nowadays a prominent feature of computer systems. This is especially true in a context where programs and data may move around using communication networks. The usual theoretical approach of this problem, initiated by Goguen and Meseguer in [7], uses the notion of non-interference. A great deal of work has been done along these lines. A common feature of these works is that they consider information leakage from a very strict point of view despite the fact that in real world applications, such absolute non-interference properties can hardly be obtained e.g., [12]. The notion of approximate non-interference e.g., [11,10], along with declassification and other weakenings of non-interference e.g., [15,6] have been only recently investigated. Following this line of study, we propose a formalization in which the user may declare its security policy. The idea is that the user may declare that some functions are allowed to provoke information leakage. We call such functions declassifying functions. This formalization extends previous works in the expressivity of security policies.A typical example of declassifying functions is given by

show abstract

Section: Execution Modelmentioning

confidence: 99%

Handling declared information leakage

Echahed

Prost

2005

Proceedings of the 2005 Workshop on Issues in the Theory of Security

View full text Add to dashboard Cite

show abstract

“…The computational model used in this paper is a simplified version of the one proposed in [8,9]; we refer to these works for a more detailed presentation of the complete model and its implementation. Roughly speaking, a program or a component in our framework consists of two parts K = (F, Π R).…”

Section: A Framework For Concurrent Declarative Programmingmentioning

confidence: 99%

Security policy in a declarative style

Echahed

Prost

2005

Proceedings of the 7th ACM SIGPLAN International Conference on Principles and Practice of Declarative Programming

View full text Add to dashboard Cite

We address the problem of controlling information leakage in a concurrent declarative programming setting. Our aim is to define verification tools in order to distinguish between authorized, or declared, information flows such as password testing (e.g., ATM, login processes, etc.) and nonauthorized ones. In this paper, we first propose a way to define security policies as confluent and terminating rewrite systems. Such policies define how the privacy levels of information evolve. Then, we provide a formal definition of secure processes with respect to a given security policy. We also define an actual verification algorithm of secure processes based on constraint solving.

show abstract