Secure composition of insecure components

Proceedings of the 12th IEEE Computer Security Foundations Workshop Pub Date : 1999-06-28 DOI:10.1109/CSFW.1999.779769

Peter Sewell, J. Vitek

{"title":"Secure composition of insecure components","authors":"Peter Sewell, J. Vitek","doi":"10.1109/CSFW.1999.779769","DOIUrl":null,"url":null,"abstract":"Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be down-loaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g., that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well behaved. Instead they must be executed in a secure environment, or wrapper, that provides fine grain control of the allowable interactions between them and between components and other system resources. We study such wrappers, focusing on how they can be expressed in a way that enables their security properties to be stated and proved rigorously. We introduce a model programming language, the box-/spl pi/ calculus that supports composition of software components and the enforcement of security policies. Several example wrappers are expressed using the calculus: we explore the delicate security properties they guarantee.","PeriodicalId":374159,"journal":{"name":"Proceedings of the 12th IEEE Computer Security Foundations Workshop","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1999-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"55","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 12th IEEE Computer Security Foundations Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSFW.1999.779769","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 55

Abstract

Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be down-loaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g., that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well behaved. Instead they must be executed in a secure environment, or wrapper, that provides fine grain control of the allowable interactions between them and between components and other system resources. We study such wrappers, focusing on how they can be expressed in a way that enables their security properties to be stated and proved rigorously. We introduce a model programming language, the box-/spl pi/ calculus that supports composition of software components and the enforcement of security policies. Several example wrappers are expressed using the calculus: we explore the delicate security properties they guarantee.

查看原文本刊更多论文

不安全组件的安全组合

软件系统正在变得异构化:用户的桌面现在可能由许多以复杂方式相互作用的较小组件组成，而不是来自已建立好的来源的少量大型程序。某些组件将从仅部分受信任的源从网络下载。用户希望知道一些安全属性，例如，个人数据不会泄露到网络上，但通常无法验证这些组件是否运行良好。相反，它们必须在安全的环境或包装器中执行，该环境或包装器提供了对它们之间以及组件与其他系统资源之间允许的交互的细粒度控制。我们将研究这样的包装器，重点关注如何以一种能够严格声明和证明其安全属性的方式来表示它们。我们介绍了一种模型编程语言，box-/spl pi/微积分，它支持软件组件的组合和安全策略的实施。使用微积分表示了几个示例包装器:我们探索了它们保证的微妙安全属性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 12th IEEE Computer Security Foundations Workshop

自引率

0.00%

发文量