TY  - JOUR
TI  - A Typed Model for Dynamic Authorizations
ID  - eprints3690
AV  - public
JF  - Electronic Proceedings in Theoretical Computer Science
N2  - Security requirements in distributed software systems are inherently dynamic. In the case of authorization policies, resources are meant to be accessed only by authorized parties, but the authorization to access a resource may be dynamically granted/yielded. We describe ongoing work on a model for specifying communication and dynamic authorization handling. We build upon the pi-calculus so as to enrich communication-based systems with authorization specification and delegation; here authorizations regard channel usage and delegation refers to the act of yielding an authorization to another party. Our model includes: (i) a novel scoping construct for authorization, which allows to specify authorization boundaries, and (ii) communication primitives for authorizations, which allow to pass around authorizations to act on a given channel. An authorization error may consist in, e.g., performing an action along a name which is not under an appropriate authorization scope. We introduce a typing discipline that ensures that processes never reduce to authorization errors, even when authorizations are dynamically delegated.
N1  - Proceedings Eighth International Workshop on Programming Language Approaches to Concurrency- and Communication-cEntric Software, PLACES 2015, London, UK, 18th April 2015.
UR  - http://eptcs.web.cse.unsw.edu.au/paper.cgi?PLACES2015.6
PB  - Open Publishing Association
EP  - 84
VL  - 203
SN  - 2075-2180
A1  - Ghilezan, Silvia
A1  - Jak?i?, Svetlana
A1  - Pantovi?, Jovanka
A1  - Pérez, Jorge A.
A1  - Torres Vieira, Hugo
SP  - 73
Y1  - 2015///
ER  -