Title :
Enforcing secure service composition
Author :
Bartoletti, Massimo ; Degano, Pierpaolo ; Ferrari, Gian Luigi
Author_Institution :
Dipt. di Informatica, Univ. di Pisa, Italy
Abstract :
A static approach is proposed to study secure composition of software. We extend the λ-calculus with primitives for invoking services that respect given security requirements. Security-critical code is enclosed in policy framings with a possibly nested, local scope. Policy framings enforce safety and liveness properties of execution histories. The actual histories that can occur at runtime are over-approximated by a type and effect system. These approximations are model-checked to verify policy framings within their scopes. This allows for removing any runtime execution monitor, and for selecting those services that match the security requirements.
Keywords :
data encapsulation; lambda calculus; object-oriented programming; safety-critical software; security of data; lambda-calculus; policy framings; secure service composition; secure software composition; security requirements; security-critical code; Assembly; Computer security; Cryptography; Data security; Distributed computing; History; Monitoring; Runtime; Safety; Web services;
Conference_Titel :
Computer Security Foundations, 2005. CSFW-18 2005. 18th IEEE Workshop
Print_ISBN :
0-7695-2340-4
DOI :
10.1109/CSFW.2005.17
