Copyright Information
The documents distributed by this server have been provided by the contributing authors as a means to ensure timely dissemination of
scholarly and technical work on a noncommercial basis. Copyright and all rights therein are maintained by the authors or by other
copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying
this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without
the explicit permission of the copyright holder.
show main publications
Confining Data and Processes in Global Computing Applications @ARTICLE{DGP06, title = {{Confining Data and Processes in Global Computing Applications}}, author = {{Rocco} {De Nicola} and {Daniele} {Gorla} and {Rosario} {Pugliese}}, journal = {Science of Computer Programming}, pages = {57-87}, abstract = {A programming notation is introduced that can be used for protecting secrecy and integrity of data in global computing applications. The approach is based on the explicit annotations of data and network nodes. Data are tagged with information about the allowed movements, network nodes are tagged with information about the nodes that can send data and spawn processes to them. The annotations are used to confine movements of data and processes. The approach is illustrated by applying it to three paradigmatic calculi for global computing, namely cKlaim (a calculus at the basis of Klaim), Dpi (a distributed version of the pi-calculus) and Mobile Ambients Calculus. For all of these formalisms, it is shown that their semantics guarantees that computations proceed only while respecting confinement constraints. Namely, it is proven that, after successful static type checking, data can reside at and cross only authorised nodes. ``Local'' formulations of this property where only relevant sub-nets type check are also presented. Finally, the theory is tested by using it to model secure behaviours of a UNIX-like multiuser system.}, publisher = {Elsevier Science}, volume = {63}, number = {1}, year = {2006}, url = {http://rap.dsi.unifi.it/~pugliese/DOWNLOAD/DGP-Confinement.pdf}, partner = {DSIUF}, status = {public}, task = {T3.2}, }
|