Title :
Secure composition of untrusted code: wrappers and causality types
Author :
Sewell, Peter ; Vitek, Jan
Author_Institution :
Comput. Lab., Cambridge Univ., UK
Abstract :
We consider the problem of assembling concurrent software systems from untrusted or partially trusted off-the-shelf components, using wrapper programs to encapsulate components and enforce security policies. In previous work we introduced the box-π process calculus with constrained interaction to express wrappers and discussed the rigorous formulation of their security properties. This paper addresses the verification of wrapper information flow properties. We present a novel causal type system that statically captures the allowed flows between wrapped possibly-badly-typed components; we use it to prove that an example unidirectional-flow wrapper enforces a causal flow property
Keywords :
pi calculus; security of data; software reusability; box-π process calculus; causal type system; causality types; component encapsulation; concurrent software system assembly; constrained interaction; partially trusted off-the-shelf components; secure untrusted code composition; security policies; unidirectional-flow wrapper; untrusted off-the-shelf components; wrapper information flow property verification; wrapper programs; Assembly systems; Calculus; Information security; Software systems;
Conference_Titel :
Computer Security Foundations Workshop, 2000. CSFW-13. Proceedings. 13th IEEE
Conference_Location :
Cambridge
Print_ISBN :
0-7695-0671-2
DOI :
10.1109/CSFW.2000.856943
