Roles, Stacks, Histories: A Triple for Hoare


Bibliographic Details
Published in: Reflections on the Work of C.A.R. Hoare, pp. 71-99
Main Authors: Borgström, Johannes; Gordon, Andrew D.; Pucella, Riccardo
Format: Book Chapter
Language: English
Published: London: Springer London, 21.07.2010
ISBN: 1848829116, 9781848829114, 1848829124, 9781848829121
DOI: 10.1007/978-1-84882-912-1_4

Summary: Behavioural type and effect systems regulate properties such as adherence to object and communication protocols, dynamic security policies, avoidance of race conditions, and many others. Typically, each system is based on some specific syntax of constraints, and is checked with an ad hoc solver. Instead, we advocate types refined with first-order logic formulas as a basis for behavioural type systems, and general purpose automated theorem provers as an effective means of checking programs. To illustrate this approach, we define a triple of security-related type systems: for role-based access control, for stack inspection, and for history-based access control. The three are all instances of a refined state monad. Our semantics allows a precise comparison of the similarities and differences of these mechanisms. In our examples, the benefit of behavioural type-checking is to rule out the possibility of unexpected security exceptions, a common problem with code-based access control.