Resource-Aware Authorization Policies for Statically Typed Cryptographic Protocols

Author

Bugliesi, Michele ; Calzavara, Stefano ; Eigner, Fabienne ; Maffei, Matteo

Author_Institution

Univ. Ca´´ Foscari Venezia, Venezia, Italy

fYear

2011

fDate

27-29 June 2011

Firstpage

83

Lastpage

98

Abstract

Type systems for authorization are a popular device for the specification and verification of security properties in cryptographic applications. Though promising, existing frameworks exhibit limited expressive power, as the underlying specification languages fail to account for powerful notions of authorization based on access counts, usage bounds, and mechanisms of resource consumption, which instead characterize most of the modern online services and applications. We present a new type system that features a novel combination of affine logic, refinement types, and types for cryptography, to support the verification of resource-aware security policies. The type system allows us to analyze a number of cryptographic protocol patterns and security properties, which are out of reach for existing verification frameworks based on static analysis.

Keywords

authorisation; cryptography; formal logic; formal specification; formal verification; program diagnostics; access counts; affine logic; refinement types; resource consumption mechanism; resource-aware authorization policies; security properties specification; security properties verification; static analysis; statically typed cryptographic protocols; usage bounds; Authorization; Encryption; Protocols; Safety; Semantics;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Foundations Symposium (CSF), 2011 IEEE 24th

Conference_Location

Cernay-la-Ville

ISSN

1940-1434

Print_ISBN

978-1-61284-644-6

Type

conf

DOI

10.1109/CSF.2011.13

Filename

5992156