Managing Policy Updates in Security-typed Languages
University of Maryland, MD, USA
11am Thursday 19th April 2007
Room 2509, JCMB, King's Buildings
N.B. nonstandard day, time and room
Abstract
I will present a design for RX, a new security-typed
programming language with features intended to make the management of
information-flow policies more practical. Security labels in RX,
in contrast to prior approaches, are defined in terms of owned
roles, as found in the RT role-based trust-management framework.
Role-based security policies allow flexible delegation, and our
language provides constructs through which programs can robustly
update policies and react to policy updates dynamically. Our dynamic
semantics use statically verified transactions to eliminate
illegal information flows across updates, which we call
transitive flows. Because policy updates can be observed
through dynamic queries, policy updates can potentially reveal
sensitive information. As such, RX considers policy statements
themselves to be potentially confidential information and subject to
information-flow metapolicies.