Title :
Resource-Aware Authorization Policies for Statically Typed Cryptographic Protocols
Author :
Bugliesi, Michele ; Calzavara, Stefano ; Eigner, Fabienne ; Maffei, Matteo
Author_Institution :
Univ. Ca´´ Foscari Venezia, Venezia, Italy
Abstract :
Type systems for authorization are a popular device for the specification and verification of security properties in cryptographic applications. Though promising, existing frameworks exhibit limited expressive power, as the underlying specification languages fail to account for powerful notions of authorization based on access counts, usage bounds, and mechanisms of resource consumption, which instead characterize most of the modern online services and applications. We present a new type system that features a novel combination of affine logic, refinement types, and types for cryptography, to support the verification of resource-aware security policies. The type system allows us to analyze a number of cryptographic protocol patterns and security properties, which are out of reach for existing verification frameworks based on static analysis.
Keywords :
authorisation; cryptography; formal logic; formal specification; formal verification; program diagnostics; access counts; affine logic; refinement types; resource consumption mechanism; resource-aware authorization policies; security properties specification; security properties verification; static analysis; statically typed cryptographic protocols; usage bounds; Authorization; Encryption; Protocols; Safety; Semantics;
Conference_Titel :
Computer Security Foundations Symposium (CSF), 2011 IEEE 24th
Conference_Location :
Cernay-la-Ville
Print_ISBN :
978-1-61284-644-6
DOI :
10.1109/CSF.2011.13
