Skip to Main content Skip to Navigation

Security Types for Dynamic Web Data

Abstract : We describe a type system for the Xdpi calculus. An Xdpi-network is a network of locations, where each location consists of both a data tree (which contains scripts and pointers to nodes in trees at different locations) and a process, for modelling process interaction, process migration and interaction between processes and data. Our type system is based on types for locations, data and processes, expressing security levels. A tree can store data of different security level, independently from the security level of the enclosing location. The access and mobility rights of a process depend on the security level of the “source” location of the process itself, i.e. of the location where the process was in the initial network or where the process was created by the activation of a script. The type system enjoys type preservation under reduction (subject reduction). In consequence of subject reduction we prove the following security properties. In a well-typed Xdpi-network, a process P whose source location is of level h can copy data of security level at most h and update data of security level less than h. Moreover, the process P can only communicate data and go to locations of security level equal or less than h.
Complete list of metadatas

Cited literature [22 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-00149049
Contributor : Daniele Varacca <>
Submitted on : Thursday, May 24, 2007 - 11:16:40 AM
Last modification on : Saturday, March 28, 2020 - 2:24:45 AM
Document(s) archivé(s) le : Thursday, April 8, 2010 - 5:42:31 PM

File

dgpv.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-00149049, version 1

Collections

Citation

Mariangiola Dezani-Ciancaglini, Silvia Ghilezan, Jovanka Pantovic, Daniele Varacca. Security Types for Dynamic Web Data. Theoretical Computer Science, Elsevier, 2008, 402 (2-3), pp.156-171. ⟨hal-00149049⟩

Share

Metrics

Record views

356

Files downloads

209