Sandboxing in myKlaim

René Rydhof Hansen, Christian W. Probst, Flemming Nielson

    Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review


    Abstract

    The μKlaim calculus is a process algebra designed to study the programming of distributed systems consisting of a number of locations each having their own tuple space and collection of mobile processes. Previous work has explored how to incorporate a notion of capabilities to be enforced dynamically by means of a reference monitor. Our first contribution is to describe a sandboxing semantics for the remote evaluation of mobile code; we then develop a succinct flow logic for statically guaranteeing the properties enforced by the reference monitor and hence for dispensing with the overhead of a dynamic reference monitor. Our second contribution is an extension of the calculus to interact with an environment; processes enter the system from the environment and we develop an entry-condition that is sufficient for ensuring that the resulting system continues to guarantee the properties that would otherwise need to be dynamically enforced by the reference monitor. We call the resulting calculus myKlaim.
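    The abstract contrasts a dynamic reference monitor (every tuple-space action checked at run time against the capabilities the code holds) with a static guarantee (a check on the code before it is admitted, after which the monitor can be dropped). The following is an added illustration of that contrast in Python; it is not the μKlaim/myKlaim calculus, the paper's sandboxing semantics or its flow logic. The capability names (r, i, o, e), the policy shape, the rule that remotely evaluated code keeps its origin's capabilities, and the `entry_condition` function are all assumptions made for this example, and the sample network and processes are constructed.

```python
"""Toy Klaim-style tuple-space network with a capability policy.

Added illustration of the ideas in the abstract, NOT the muKlaim/myKlaim calculus,
its sandboxing semantics or its flow logic. Capability names (r, i, o, e), the
policy shape and the entry-condition check are assumptions made for this example.
"""
from dataclasses import dataclass, field

# Capability required by each tuple-space action (assumed Klaim-style naming).
REQUIRED_CAP = {"out": "o", "in": "i", "read": "r", "eval": "e"}


@dataclass
class Action:
    kind: str               # "out", "in", "read" or "eval"
    target: str             # location whose tuple space is acted on
    payload: object = None  # a tuple for out/in/read; a list of Actions for eval


@dataclass
class Network:
    # policy[(origin, target)] -> capabilities code originating at `origin` holds on `target`
    policy: dict
    spaces: dict = field(default_factory=dict)  # location -> list of tuples
    log: list = field(default_factory=list)

    def permitted(self, origin, act):
        return REQUIRED_CAP[act.kind] in self.policy.get((origin, act.target), set())

    def run(self, origin, actions, monitor=True):
        """Run a process's actions. `origin` is the location whose capabilities the
        process carries. With monitor=True a reference monitor checks each action
        first and stops the process at the first violation (returns False)."""
        for act in actions:
            if monitor and not self.permitted(origin, act):
                self.log.append(("blocked", origin, act.kind, act.target))
                return False
            self.log.append(("ok", origin, act.kind, act.target))
            space = self.spaces.setdefault(act.target, [])
            if act.kind == "out":
                space.append(act.payload)
            elif act.kind == "in" and act.payload in space:
                space.remove(act.payload)      # blocking/pattern matching omitted
            elif act.kind == "eval":
                # Sandboxed remote evaluation (assumption): the spawned code keeps
                # running with the capabilities of its origin, not of the host.
                if not self.run(origin, act.payload, monitor):
                    return False
        return True


def entry_condition(origin, actions, policy):
    """Static check applied before admitting a process from the environment: every
    action, including those nested under eval, must be permitted by the policy.
    If it holds, running without the monitor can never reach a blocked action."""
    for act in actions:
        if REQUIRED_CAP[act.kind] not in policy.get((origin, act.target), set()):
            return False
        if act.kind == "eval" and not entry_condition(origin, act.payload, policy):
            return False
    return True


# Constructed sample: code from `client` may write to and read at `server` and
# evaluate code there, but may not remove tuples from the server's space.
POLICY = {
    ("client", "client"): {"r", "i", "o", "e"},
    ("client", "server"): {"o", "e", "r"},
    ("server", "server"): {"r", "i", "o", "e"},
}

WELL_BEHAVED = [
    Action("out", "server", ("job", 1)),
    Action("eval", "server", [Action("read", "server", ("job", 1))]),
]
# Tries to remove a tuple at the server from code spawned there: needs "i" on server.
MISBEHAVED = [
    Action("eval", "server", [Action("in", "server", ("job", 1))]),
]


def demo():
    """Return {name: (static_ok, dynamic_ok, log)} for both sample processes."""
    results = {}
    for name, proc in (("good", WELL_BEHAVED), ("bad", MISBEHAVED)):
        static_ok = entry_condition("client", proc, POLICY)
        net = Network(POLICY)
        dynamic_ok = net.run("client", proc, monitor=True)
        results[name] = (static_ok, dynamic_ok, net.log)
    return results


if __name__ == "__main__":
    for name, (static_ok, dynamic_ok, log) in demo().items():
        print(name, "static:", static_ok, "dynamic:", dynamic_ok, log)
```

    The point to notice is the relationship between the two checks: a process that passes `entry_condition` produces the same tuple spaces whether or not the monitor is switched on, which is what justifies dispensing with the per-action check; a process that fails it is rejected before it runs instead of being stopped halfway through, after some of its actions have already taken effect.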
    Original language: English
    Title of host publication: The First International Conference on Availability, Reliability and Security, 2006. ARES 2006.
    Publisher: IEEE
    Publication date: 2006
    ISBN (Print): 0-7695-2567-9
    DOIs: https://doi.org/10.1109/ARES.2006.115
    Publication status: Published - 2006
    Event: The First International Conference on Availability, Reliability and Security, 2006.
    Duration: 1 Jan 2006 → …

    Conference

    Conference: The First International Conference on Availability, Reliability and Security, 2006.
    Period: 01/01/2006 → …

    Bibliographical note

    Copyright: 2006 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

    Cite this

    Hansen, R. R., Probst, C. W., & Nielson, F. (2006). Sandboxing in myKlaim. In The First International Conference on Availability, Reliability and Security, 2006. ARES 2006. IEEE. https://doi.org/10.1109/ARES.2006.115