Article
DOI: 10.1145/360204.360223

Secure safe ambients

Published: 01 January 2001

Abstract

Secure Safe Ambients (SSA) are a typed variant of Safe Ambients [9], whose type system allows behavioral invariants of ambients to be expressed and verified. The most significant aspect of the type system is its ability to capture both explicit and implicit process and ambient behavior: process types account not only for immediate behavior, but also for the behavior resulting from capabilities a process acquires during its evolution in a given context. Based on that, the type system provides for static detection of security attacks such as Trojan horses and other combinations of malicious agents. We study the type system of SSA, define algorithms for type checking and type reconstruction, define powerful languages for expressing security properties, and study a distributed version of SSA and its type system. For the latter, we show that distributed type checking ensures security even in ill-typed contexts, and discuss how it relates to the security architecture of the Java Virtual Machine.
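The point the abstract makes about implicit behavior, that a process's type must cover not only the capabilities it exercises itself but also those it acquires when it opens another ambient, can be shown on a small model. The Python below is an added example written for this page; it is not the SSA calculus, its type system, or any code from the paper. The `Cap`/`Amb` classes, the flat capability-list process syntax, the policy format and the `host`/`gift`/`vault` system are all constructed for illustration. It keeps one Safe Ambients ingredient, the co-capability: `open m` only fires if `m` itself offers `co_open m`.

```python
"""Toy behavioural typing for a safe-ambient-style process model.

Constructed illustration, not the SSA calculus or type system from the paper.
Processes are flat capability lists; ambients are named boxes holding a
process and child ambients. An `open m` only fires if `m` grants `co_open m`
(the Safe Ambients co-capability discipline). When it fires, m's body and
children are absorbed by the opener, so m's capabilities become the opener's:
that is the "implicit behaviour" a type has to account for.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Set


@dataclass(frozen=True)
class Cap:
    action: str   # "in", "out", "open" or the co-capability "co_open"
    target: str   # ambient name the capability refers to


@dataclass
class Amb:
    name: str
    body: List[Cap]                                 # explicit capabilities of the body
    children: List["Amb"] = field(default_factory=list)


def behaviour(amb: Amb) -> FrozenSet[Cap]:
    """Explicit capabilities plus everything acquired by opening children.

    Computed as a least fixed point: each successful open adds the opened
    ambient's (already closed) behaviour and promotes its children to ours,
    which may enable further opens.
    """
    caps: Set[Cap] = set(amb.body)
    children: Dict[str, Amb] = {c.name: c for c in amb.children}
    opened: Set[str] = set()
    changed = True
    while changed:
        changed = False
        for cap in list(caps):
            if cap.action != "open" or cap.target in opened:
                continue
            child = children.get(cap.target)
            if child is None or Cap("co_open", child.name) not in child.body:
                continue  # no matching co-capability: the open can never fire
            opened.add(child.name)
            caps |= behaviour(child)          # absorb the opened body's behaviour
            for grandchild in child.children:  # its children become our children
                children.setdefault(grandchild.name, grandchild)
            changed = True
    return frozenset(caps)


def check(amb: Amb, policy: Dict[str, Set[Cap]]) -> List[str]:
    """Report every ambient whose inferred behaviour exceeds its policy allowance."""
    violations: List[str] = []
    allowed = policy.get(amb.name)
    if allowed is not None:
        # co-capabilities only grant permission to others; they are not actions
        inferred = {c for c in behaviour(amb) if c.action != "co_open"}
        for c in sorted(inferred - allowed, key=lambda c: (c.action, c.target)):
            violations.append(
                f"{amb.name}: may exercise '{c.action} {c.target}' not permitted by policy")
    for child in amb.children:
        violations += check(child, policy)
    return violations


# Constructed sample systems. `host` intends only to open `gift`; in the Trojan
# horse variant the gift hides `open vault`, which host would inherit.
def trojan_system() -> Amb:
    return Amb("host", [Cap("open", "gift")], [
        Amb("gift", [Cap("co_open", "gift"), Cap("open", "vault")]),
        Amb("vault", [Cap("co_open", "vault")]),
    ])


def benign_system() -> Amb:
    return Amb("host", [Cap("open", "gift")], [
        Amb("gift", [Cap("co_open", "gift"), Cap("in", "net")]),
        Amb("vault", [Cap("co_open", "vault")]),
    ])


# Hypothetical policy: what host is allowed to do, explicitly or implicitly.
POLICY: Dict[str, Set[Cap]] = {"host": {Cap("open", "gift"), Cap("in", "net")}}

if __name__ == "__main__":
    for label, system in (("trojan", trojan_system()), ("benign", benign_system())):
        print(label, check(system, POLICY) or "ok")
```

The violation is reported because `gift` grants `co_open gift`, so the open can actually fire and `open vault` becomes part of host's behaviour even though host never wrote it. Remove the co-capability from `gift` and the same hidden capability is inert and no violation is raised, which is the control that Safe Ambients' co-capabilities add over plain Mobile Ambients.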

References

[1]
D. Brewer and M. Nash. The Chinese Wall security policy. In Proc. of IEEE Symposium on Security and Privacy, pages 206-214, 1989.
[2]
C. Bodei, P. Degano, F. Nielson, and H. R. Nielson. Static analysis of processes for no read-up and no write-down. In Proceedings of FoSSaCS'99, 1999.
[3]
L. Cardelli, G. Ghelli, and A. Gordon. Mobility types for mobile ambients. In Proceedings of ICALP'99, LNCS 1644, pages 230-239. 1999.
[4]
L. Cardelli, G. Ghelli, and A. D. Gordon. Ambient groups and mobility types. In Int. Conf. IFIP TCS, LNCS 1872, pages 333-347. 2000.
[5]
L. Cardelli and A. Gordon. Mobile ambients. In Proceedings of POPL'98. ACM Press, 1998.
[6]
L. Cardelli and A. Gordon. Types for mobile ambients. In Proceedings of POPL'99, pages 79-92. ACM Press, 1999.
[7]
P. J. Denning. Fault tolerant operating systems. ACM Computing Surveys, 8(4):359-389, Dec. 1976.
[8]
L. Gong. Inside Java 2 Platform Security. Addison-Wesley, 1999.
[9]
F. Levi and D. Sangiorgi. Controlling interference in ambients. In POPL '00, pages 352-364. ACM Press, 2000.
[10]
T. Lindholm and F. Yellin. The Java Virtual Machine Specification. Java series. Addison-Wesley, 1997.
[11]
G. Necula. Proof-carrying code. In POPL '97. ACM Press, 1997.
[12]
F. Nielson, H. R. Nielson, R. R. Hansen, and J. G. Jensen. Validating firewalls in mobile ambients. In Proc. CONCUR'99, LNCS 1664, pages 463-477, 1999.
[13]
H. R. Nielson and F. Nielson. Shape analysis for mobile ambients. In POPL'00, pages 135-148. ACM Press, 2000.
[14]
P. Sewell and J. Vitek. Secure composition of untrusted code: Wrappers and causality types. In 13th IEEE Computer Security Foundations Workshop, 2000.
[15]
J. Vitek and G. Castagna. Seal: A framework for secure mobile computations. In Internet Programming Languages, LNCS 1686, 1999.


Published In

POPL '01: Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
January 2001
304 pages
ISBN:1581133367
DOI:10.1145/360204
Publisher

Association for Computing Machinery

New York, NY, United States

Acceptance Rates

POPL '01 Paper Acceptance Rate 24 of 126 submissions, 19%;
Overall Acceptance Rate 824 of 4,130 submissions, 20%

Cited By

  • (2015) Labelled mobile ambients model for information flow security in distributed systems. Proceedings of the 8th International Conference on Security of Information and Networks, pages 330-337. DOI 10.1145/2799979.2800012. Online publication date: 8-Sep-2015.
  • (2009) Operational Semantics Based on Frame of Extended Seal Calculus Language. Proceedings of the 2009 WASE International Conference on Information Engineering - Volume 02, pages 273-276. DOI 10.1109/ICIE.2009.76. Online publication date: 10-Jul-2009.
  • (2009) Efficient Topic-Based File Sharing in Hybrid Wireless Networks. Proceedings of the 42nd Hawaii International Conference on System Sciences, pages 1-9. DOI 10.1109/HICSS.2009.180. Online publication date: 5-Jan-2009.
  • (2008) Information flow security in Boundary Ambients. Information and Computation 206(2-4):460-489. DOI 10.1016/j.ic.2007.12.001. Online publication date: 1-Feb-2008.
  • (2007) Space-aware ambients and processes. Theoretical Computer Science 373(1-2):41-69. DOI 10.1016/j.tcs.2006.11.017. Online publication date: 10-Mar-2007.
  • (2006) Sandboxing in myKlaim. Proceedings of the First International Conference on Availability, Reliability and Security, pages 174-181. DOI 10.1109/ARES.2006.115. Online publication date: 20-Apr-2006.
  • (2006) A typed encoding of boxed into safe ambients. Acta Informatica 42(6-7):429-500. DOI 10.1007/s00236-005-0002-8. Online publication date: 4-Jan-2006.
  • (2005) A formal policy specification language for an 802.11 WLAN with enhanced security network. Proceedings of the 20th International Conference on Computer and Information Sciences, pages 183-192. DOI 10.1007/11569596_21. Online publication date: 26-Oct-2005.
  • (2004) Access control for mobile agents. ACM Transactions on Programming Languages and Systems 26(1):57-124. DOI 10.1145/963778.963781. Online publication date: 1-Jan-2004.
  • (2004) On abstract interpretation of mobile ambients. Information and Computation 188(2):179-240. DOI 10.1016/j.ic.2003.06.001. Online publication date: 29-Jan-2004.
