eprintid: 3690
rev_number: 17
eprint_status: archive
userid: 59
dir: disk0/00/00/36/90
datestamp: 2017-05-04 13:35:38
lastmod: 2017-05-04 13:35:38
status_changed: 2017-05-04 13:35:38
type: article
metadata_visibility: show
creators_name: Ghilezan, Silvia
creators_name: Jakšić, Svetlana
creators_name: Pantović, Jovanka
creators_name: Pérez, Jorge A.
creators_name: Torres Vieira, Hugo
creators_id: 
creators_id: 
creators_id: 
creators_id: 
creators_id: hugo.torresvieira@imtlucca.it
title: A Typed Model for Dynamic Authorizations
ispublished: pub
subjects: QA75
divisions: CSA
full_text_status: public
note: Proceedings Eighth International Workshop on Programming Language Approaches to Concurrency- and Communication-cEntric Software, PLACES 2015, London, UK, 18th April 2015.
abstract: Security requirements in distributed software systems are inherently dynamic. In the case of authorization policies, resources are meant to be accessed only by authorized parties, but the authorization to access a resource may be dynamically granted/yielded. We describe ongoing work on a model for specifying communication and dynamic authorization handling. We build upon the pi-calculus so as to enrich communication-based systems with authorization specification and delegation; here authorizations regard channel usage and delegation refers to the act of yielding an authorization to another party. Our model includes: (i) a novel scoping construct for authorization, which allows to specify authorization boundaries, and (ii) communication primitives for authorizations, which allow to pass around authorizations to act on a given channel. An authorization error may consist in, e.g., performing an action along a name which is not under an appropriate authorization scope. We introduce a typing discipline that ensures that processes never reduce to authorization errors, even when authorizations are dynamically delegated.
date: 2015
date_type: published
publication: Electronic Proceedings in Theoretical Computer Science
volume: 203
publisher: Open Publishing Association
pagerange: 73-84
id_number: 10.4204/EPTCS.203.6
refereed: TRUE
issn: 2075-2180
official_url: http://eptcs.web.cse.unsw.edu.au/paper.cgi?PLACES2015.6
related_url_url: https://doi.org/10.4204/EPTCS.203.6
related_url_type: org
citation:   Ghilezan, Silvia and Jakšić, Svetlana and Pantović, Jovanka and Pérez, Jorge A. and Torres Vieira, Hugo  A Typed Model for Dynamic Authorizations.  Electronic Proceedings in Theoretical Computer Science, 203.  pp. 73-84.  ISSN 2075-2180      (2015)  
document_url: http://eprints.imtlucca.it/3690/1/1602.03596.pdf