Title :
Reconstructing security types for automated policy enforcement in FABLE
Author :
Afshar, Arash ; Fallah, Mehran S.
Author_Institution :
Dept. of Comput. Eng. & Inf. Technol., Amirkabir Univ. of Technol., Tehran, Iran
Abstract :
Providing security at programming language level has received enormous attention in recent years. FABLE is an outstanding language intended to enforce the security policies specified by programmers. In doing so, it employs a rich type system whereby only a program with appropriate labels and policy-function calls can type-check. In this paper, we present a constraint-based type system that enables FABLE to infer security labels. It can also be utilized to correct an ill-typed program by identifying missing policy-function invocations. The point is how to preserve the intended functionality of a program when we add code to satisfy a given policy.
Keywords :
programming languages; security of data; FABLE; automated policy enforcement; policy function invocations; programming language security; security policies; security type reconstruction; Access control; Color; Computer languages; Educational institutions; Inference algorithms; Semantics; language-based security; static analysis; type reconstruction; type reconstructionutomated policy enforcement; utomated policy enforcement;
Conference_Titel :
Network and System Security (NSS), 2011 5th International Conference on
Conference_Location :
Milan
Print_ISBN :
978-1-4577-0458-1
DOI :
10.1109/ICNSS.2011.6060030
