Program Partitioning using Dynamic Trust Models

Dan Søndergaard, Christian W. Probst, Christian D. Jensen, René Rydhof Hansen

    Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

    Abstract

    Developing distributed applications is a difficult task. It is further complicated if system-wide security policies shall be specified and enforced, or if both data and hosts are owned by principals that do not fully trust each other, as is typically the case in service-oriented or grid-based scenarios. Language-based technologies have been suggested to support developers of those applications---the \$\backslash\$emph{Decentralized Label Model} and \$\backslash\$emph{Secure Program Partitioning} allow to annotate programs with security specifications, and to partition the annotated program across a set of hosts, obeying both the annotations and the trust relation between the principals. The resulting applications guarantee \$\backslash\$emph{by construction} that safety and confidentiality of both data and computations are ensured. In this work, we develop a generalised version of the splitting framework, that is parametrised in the trust component, and show the result of specialising it with different trust models. We also develop a metric to measure the quality of the result of the partitioning process.
    Original languageEnglish
    Title of host publicationWorkshop on Formal Aspects in Security and Trust (FAST 2006)
    Publication date2006
    Publication statusPublished - 2006
    EventWorkshop on Formal Aspects in Security and Trust - Hamilton, Canada
    Duration: 26 Aug 200627 Aug 2006

    Workshop

    WorkshopWorkshop on Formal Aspects in Security and Trust
    CountryCanada
    CityHamilton
    Period26/08/200627/08/2006

    Cite this