Title :
Secrecy by typing and file-access control
Author :
Chaudhuri, Avik ; Abadi, Martín
Author_Institution :
Dept. of Comput. Sci., California Univ., Santa Cruz, CA
Abstract :
Secrecy properties can he guaranteed through a combination of static and dynamic checks. The static checks may include the application of special type systems with notions of secrecy. The dynamic checks can be of many different kinds; in practice, the most important are access-control checks, often ones based on ACLs (access-control lists). In this paper, we explore the interplay of static and dynamic checks in the setting of a file system. For this purpose, we study a pi calculus with file-system constructs. The calculus supports both access-control checks and a form of static scoping that limits the knowledge of terms - including file names and contents - to groups of clients. We design a system with secrecy types for the calculus: using this system, we can prove secrecy properties by static typing of programs in the presence of file-system access-control checks
Keywords :
authorisation; pi calculus; access-control checks; access-control lists; dynamic checks; file-access control; file-system constructs; pi calculus; program static typing; static checks; static scoping; typing secrecy; Access control; Access protocols; Application software; Calculus; Computer science; Cryptographic protocols; Cryptography; File systems; Secure storage; Silicon;
Conference_Titel :
Computer Security Foundations Workshop, 2006. 19th IEEE
Conference_Location :
Venice
Print_ISBN :
0-7695-2615-2
DOI :
10.1109/CSFW.2006.28
