Security Policies as Membranes in Systems for Global Computing

We propose a simple global computing framework, whose main concern is code migration. Systems are structured in sites, and each site is divided into two parts: a computing body, and a membrane which regulates the interactions between the computing body and the external environment. More precisely, membranes are filters which control access to the associated site, and they also rely on the well-established notion of trust between sites. We develop a basic theory to express and enforce security policies via membranes. Initially, these only control the actions incoming agents intend to perform locally. We then adapt the basic theory to encompass more sophisticated policies, where the number of actions an agent wants to perform, and also their order, are considered

Security Policies as Membranes in Systems for Global Computing (talk)

Talk given at GC 2004: MyThS/MIKADO/DART Meeting, Venice 15.06.0

Tipski sistemi za kontrolu memorije i prava pristupa

Three issues will be elaborated and disussed in the proposed thesis. The first is administration and control of data access rights in networks with XML data, with emphasis on data security. The second is the administration and control of access rights to data in computer networks with RDF data, with emphasis on data privacy. The third is prevention of errors and memory leaks, as well as communication errors, generated by programs written in Sing # language in the presence of exceptions. For all three issues, there will be presented formal models with corresponding type systems and showed the absence of undesired behavior i.e. errors in networks or programs.У тези су разматрана три проблема. Први је администрација и контрола права приступа података у рачунарској мрежи са XML подацима, са нагласком на безбедости посматраних података. Други је администрација и котрола права приступа подацима у рачунарској мрежи са RDF подацима, са нагласком на приватности посматраних података. Трећи је превенција грешака и цурења меморије, као и грешака у комуникацији генерисаним програмима написаних на језику Sing# у којима су присутни изузеци. За сва три проблема биће предложени формални модели и одговарајући типски системи помоћу којих се показује одсуство неповољних понашања тј. грешака у мрежама односно програмима.U tezi su razmatrana tri problema. Prvi je administracija i kontrola prava pristupa podataka u računarskoj mreži sa XML podacima, sa naglaskom na bezbedosti posmatranih podataka. Drugi je administracija i kotrola prava pristupa podacima u računarskoj mreži sa RDF podacima, sa naglaskom na privatnosti posmatranih podataka. Treći je prevencija grešaka i curenja memorije, kao i grešaka u komunikaciji generisanim programima napisanih na jeziku Sing# u kojima su prisutni izuzeci. Za sva tri problema biće predloženi formalni modeli i odgovarajući tipski sistemi pomoću kojih se pokazuje odsustvo nepovoljnih ponašanja tj. grešaka u mrežama odnosno programima

Security Policies as Membranes in Systems for Global Computing

We propose a simple global computing framework, whose main concern is codemigration. Systems are structured in sites, and each site is divided into twoparts: a computing body, and a membrane, which regulates the interactionsbetween the computing body and the external environment. More precisely,membranes are filters which control access to the associated site, and theyalso rely on the well-established notion of trust between sites. We develop abasic theory to express and enforce security policies via membranes. Initially,these only control the actions incoming agents intend to perform locally. Wethen adapt the basic theory to encompass more sophisticated policies, where thenumber of actions an agent wants to perform, and also their order, areconsidered.Comment: 23 pages; to appear in Logical Methods in Computer Scienc

Security Policies as Membranes in Systems for Global Computing

We propose a simple global computing framework, whose main concern is code migration. Systems are structured in sites, and each site is divided into two parts: a computing body, and a membrane, which regulates the interactions between the computing body and the external environment. More precisely, membranes are filters which control access to the associated site, and they also rely on the well-established notion of trust between sites. We develop a basic theory to express and enforce security policies via membranes. Initially, these only control the actions incoming agents intend to perform locally. We then adapt the basic theory to encompass more sophisticated policies, where the number of actions an agent wants to perform, and also their order, are considered

Security Policies as Membranes in Systems for Global Computing

We propose a simple global computing framework, whose main concern is code migration. Systems are structured in sites, and each site is divided into two parts: a computing body, and a membrane which regulates the interactions between the computing body and the external environment. More precisely, membranes are filters which control access to the associated site, and they also rely on the well-established notion of trust between sites. We develop a basic theory to express and enforce security policies via membranes. Initially, these only control the actions incoming agents intend to perform locally. We then adapt the basic theory to encompass more sophisticated policies, where the number of actions an agent wants to perform, and also their order, are considered