No CrossRef data available.
Article contents
Non-disclosure for distributed mobile code
Published online by Cambridge University Press: 27 October 2011
Abstract
With the emergence of the new possibilities offered by global computing, new security issues follow from the fact that these possibilities can be equally exploited by parties with malicious intentions. Many attacks arise at the application level, and can be tackled by means of programming language techniques. For instance, confidentiality can be violated during the execution of programs that reveal secret information. This kind of program behaviour can be avoided by information flow analyses that detect the encoding of illegal flows.
This paper studies information flows that occur in distributed programs with code mobility from a language-based security perspective. New forms of security leaks that are introduced by code mobility, which we call migration leaks, are presented and compared with well-known forms of illegal flow. We propose an information flow property that is adequate for networks consisting of a generalisation of the non-disclosure policy. We design a type and effect system for enforcing it on an expressive distributed calculus, and explain a soundness proof methodology in detail.
- Type
- Paper
- Information
- Mathematical Structures in Computer Science , Volume 21 , Special Issue 6: Programming Language Interference and Dependence , December 2011 , pp. 1111 - 1181
- Copyright
- Copyright © Cambridge University Press 2011