Type-based access control: for distributed systems, for components and under attack

This talk will cover some of my previous work that may now be applicable to the Trust4all project. I will start with an overview of some type-based information flow work, including the "decentralised label model" of Myers and Liskov and the JIF programming language. I will then show how local type checking can be extended to distributed systems by associating access control lists with cryptographic keys. When a piece of data is sent outside a type-checked area, it is encrypted with a key that represents the list of principals that can access that data. When encrypted data is received, the access restrictions from the decryption key are used as the access control type.

I will probably take a break at this point before discussing some more detailed issues, such as how data can be safely declassified in such a system and how we can constrain the effects of inside attackers who ignore the type system. Finally, I will outline some ideas about how information flow can be applied to the Trust4all component model.
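The boundary scheme described in the first paragraph, sketched as an added example that is not code from the talk or from JIF: data carries a reader set as its label, is encrypted under the key for that set when exported, and takes its label from whichever key verifies on import. The names `Labelled`, `export`, `import_`, `join`, `release_to` and the per-host `keyring` are assumptions of this sketch, and the HMAC-SHA256 keystream is a standard-library stand-in for a real authenticated cipher.

```python
import hashlib, hmac, os
from dataclasses import dataclass

@dataclass(frozen=True)
class Labelled:
    value: bytes
    readers: frozenset  # principals allowed to read: the access control type

def _sub(key, purpose):
    # Derive separate encryption and MAC keys from the label's key.
    return hmac.new(key, purpose, hashlib.sha256).digest()

def _stream(key, nonce, n):
    # Stand-in keystream (assumption): HMAC-SHA256 in counter mode.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def export(data, keyring):
    """Leaving the type-checked area: encrypt under the key for the reader set."""
    key = keyring[data.readers]
    nonce = os.urandom(16)
    ct = _xor(data.value, _stream(_sub(key, b"enc"), nonce, len(data.value)))
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def import_(blob, keyring):
    """Entering a type-checked area: the key that verifies supplies the label."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    for readers, key in keyring.items():
        want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
        if hmac.compare_digest(tag, want):
            return Labelled(_xor(ct, _stream(_sub(key, b"enc"), nonce, len(ct))), readers)
    raise PermissionError("no key on this host matches the data's reader set")

def join(a, b):
    """Combining two values: only principals allowed by both may read the result."""
    return Labelled(a.value + b.value, a.readers & b.readers)

def release_to(data, principal):
    """The flow check a type system does statically, performed here at run time."""
    if principal not in data.readers:
        raise PermissionError(f"{principal} may not read this value")
    return data.value
```

A host can only recover data whose reader-set key is in its keyring, and what it recovers re-enters local checking with exactly that reader set as its label.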
