Abstract | ||
---|---|---|
We introduce a role-based access control calculus for modelling dynamic web data and a corresponding type system. It is an extension of the Xdp calculus proposed by Gardner and Maffeis. In our framework, a network is a parallel composition of locations, where each location contains processes with roles and a data tree whose edges are associated with roles. Processes can communicate, migrate from a location to another, use the data, change the data and the roles in the local tree. In this way, we obtain a model that controls process access to data. We propose a type system which ensures that a specified network policy is respected during computations. Finally, we show that our calculus obeys the following security properties: (1) all data trees and processes with roles in a location agree with the location policy; (2) a process can migrate only to a location with whose policy it agrees; (3) a process with roles can read and modify only data which are accessible to it; (4) a process with roles can enable and disable roles in agreement with the location policy. |
Year | DOI | Venue |
---|---|---|
2010 | 10.1007/978-3-642-20775-4_1 | WFLP |
Keywords | Field | DocType |
calculus obeys,specified network policy,local tree,data tree,role-based access control calculus,dynamic web data,corresponding type system,process access,location policy,type system | Network security policy,Computer science,Tree (data structure),Role-based access control,Theoretical computer science,Security properties,Access control,Dynamic web page,Data access,Computation | Conference |
Citations | PageRank | References |
4 | 0.41 | 21 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Mariangiola Dezani-Ciancaglini | 1 | 1615 | 193.57 |
Silvia Ghilezan | 2 | 106 | 14.66 |
Svetlana Jakšić | 3 | 15 | 2.76 |
Jovanka Pantović | 4 | 7 | 2.94 |