Personal tools
You are here: Home Events Abstract Archives 2006-2007 Managing Policy Updates in Security-typed Languages

Managing Policy Updates in Security-typed Languages

Nikhil Swamy University of Maryland, MD, USA 11am Thursday 19th April 2007 Room 2509, JCMB, King's Buildings N.B. nonstandard day, time and room

I will present a design for RX, a new security-typed programming language with features intended to make the management of information-flow policies more practical. Security labels in RX, in contrast to prior approaches, are defined in terms of owned roles, as found in the RT role-based trust-management framework. Role-based security policies allow flexible delegation, and our language provides constructs through which programs can robustly update policies and react to policy updates dynamically. Our dynamic semantics use statically verified transactions to eliminate illegal information flows across updates, which we call transitive flows. Because policy updates can be observed through dynamic queries, policy updates can potentially reveal sensitive information. As such, RX considers policy statements themselves to be potentially confidential information and subject to information-flow metapolicies.

Document Actions