Index | Only 14 pages are available for public view |
Abstract Today, many application security vulnerabilities, especially those related to web applications, can be viewed as an insecure information flow problem, and security mechanisms such as access control and encryption are not enough to guarantee a secure information flow. Recently, a new approach has been developed: the use of programming language techniques for specifying and enforcing end-to-end information-flow policies, known as security-typed programming languages or language-based security. In these languages, data types are annotated with security labels in order to identify the confidentiality and/or integrity policies for each data element. A security label is a pair of a confidentiality policy and an integrity policy, which specify the principals or entities allowed to read or influence the value of the data, respectively. The specification of principals in those languages allows modeling different roles in the application program with different security concerns, such as users, groups and processes. In practical applications, language constructs for delegation and revocation among principals are desired in order to permit a temporary information flow from one principal (the grantor) to a certain principal (the delegatee) and to renounce a prior permission. A general form of delegation is already present in some security-typed programming languages such as Jif, a well-known standard for security-typed programming languages. Using delegation in this language, a principal p can act for another principal q (i.e., any action taken by principal q is also authorized for principal p). |
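The label and delegation ideas in the abstract can be made concrete with a small model. The following is an added example, not code from the thesis and not Jif syntax: a simplified Python sketch in which the names `Principals`, `Label`, `allowed`, `may_flow` and `demo`, and the principals "alice" and "bob", are all assumptions made for illustration.

```python
# Simplified model of security labels and acts-for delegation (illustrative only).
from dataclasses import dataclass

class Principals:
    """Records direct delegations: grantor -> set of delegatees that act for it."""
    def __init__(self):
        self._delegates = {}

    def delegate(self, grantor, delegatee):
        self._delegates.setdefault(grantor, set()).add(delegatee)

    def revoke(self, grantor, delegatee):
        self._delegates.get(grantor, set()).discard(delegatee)

    def acts_for(self, p, q):
        """True if p acts for q (reflexive and transitive over delegations)."""
        seen, stack = set(), [q]
        while stack:
            cur = stack.pop()
            if cur == p:
                return True
            if cur not in seen:
                seen.add(cur)
                stack.extend(self._delegates.get(cur, ()))
        return False

@dataclass(frozen=True)
class Label:
    readers: frozenset   # confidentiality: principals allowed to read the value
    writers: frozenset   # integrity: principals allowed to influence the value

def allowed(ps, p, granted):
    """p is permitted if it acts for at least one principal named in the policy."""
    return any(ps.acts_for(p, g) for g in granted)

def may_flow(ps, src, dst):
    """A flow src -> dst must add no readers and lose no integrity."""
    no_new_readers = all(allowed(ps, r, src.readers) for r in dst.readers)
    no_lost_integrity = all(allowed(ps, w, dst.writers) for w in src.writers)
    return no_new_readers and no_lost_integrity

def demo():
    ps = Principals()
    alice_data = Label(frozenset({"alice"}), frozenset({"alice"}))       # constructed sample
    bob_var = Label(frozenset({"bob"}), frozenset({"alice", "bob"}))     # constructed sample
    before = may_flow(ps, alice_data, bob_var)   # bob cannot read alice's data
    ps.delegate("alice", "bob")                  # grantor alice, delegatee bob
    during = may_flow(ps, alice_data, bob_var)   # bob now acts for alice
    ps.revoke("alice", "bob")                    # permission renounced
    after = may_flow(ps, alice_data, bob_var)
    return before, during, after
```

The flow from Alice's data to Bob's variable is rejected until Alice delegates to Bob, and is rejected again once the delegation is revoked, which is the temporary flow between grantor and delegatee that the abstract describes.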