Article

Session types for access and information flow control

Authors:

Ilaria Castellani,

Mariangiola Dezani-Ciancaglini,

Tamara RezkAuthors Info & Claims

CONCUR'10: Proceedings of the 21st international conference on Concurrency theory

Pages 237 - 252

Published: 31 August 2010 Publication History

Abstract

We consider a calculus for multiparty sessions with delegation, enriched with security levels for session participants and data. We propose a type system that guarantees both session safety and a form of access control. Moreover, this type system ensures secure information flow, including controlled forms of declassification. In particular, the type system prevents leaks that could result from an unrestricted use of the control constructs of the calculus, such as session opening, selection, branching and delegation. We illustrate the use of our type system with a number of examples, which reveal an interesting interplay between the constraints used in security type systems and those used in session types to ensure properties like communication safety and session fidelity.

References

[1]

Almeida Matos, A., Boudol, G.: On Declassification and the Non-Disclosure Policy. Journal of Computer Security 17, 549-597 (2009)

Digital Library

[2]

Bettini, L., Coppo, M., D'Antoni, L., De Luca, M., Dezani-Ciancaglini, M., Yoshida, N.: Global Progress in Dynamically Interleaved Multiparty Sessions. In: van Breugel, F., Chechik, M. (eds.) CONCUR 2008. LNCS, vol. 5201, pp. 418-433. Springer, Heidelberg (2008)

Digital Library

[3]

Bhargavan, K., Corin, R., Deniélou, P.-M., Fournet, C., Leifer, J.J.: Cryptographic Protocol Synthesis and Verification for Multiparty Sessions. In: Proc. CSF 2009, pp. 124-140. IEEE Computer Society, Los Alamitos (2009)

Digital Library

[4]

Boreale, M., Bruni, R., Nicola, R., Loreti, M.: Sessions and Pipelines for Structured Service Programming. In: Barthe, G., de Boer, F.S. (eds.) FMOODS 2008. LNCS, vol. 5051, pp. 19-38. Springer, Heidelberg (2008)

Digital Library

[5]

Boudol, G., Kolundzija, M.: Access Control and Declassification. In: Proc. Computer Network Security. CCIS, vol. 1, pp. 85-98. Springer, Heidelberg (2007)

[6]

Denning, D.E.R.: Cryptography and Data Security. Addison-Wesley, Reading (1982)

[7]

Dezani-Ciancaglini, M., de'Liguoro, U.: Sessions and Session Types: An Overview. In: Laneve, C. (ed.) WSFM 2010. LNCS, vol. 6194, pp. 1-28. Springer, Heidelberg (2010)

Digital Library

[8]

Focardi, R., Gorrieri, R.: Classification of Security Properties (Part I: Information Flow). In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 331-396. Springer, Heidelberg (2001)

Digital Library

[9]

Goguen, J.A., Meseguer, J.: Security Policies and Security Models. In: Proc. IEEE Symposium on Security and Privacy, pp. 11-20. IEEE Computer Society, Los Alamitos (1982)

[10]

Honda, K., Yoshida, N.: A Uniform Type Structure for Secure Information Flow. In: Proc. POPL 2002, pp. 81-92. ACM Press, New York (2002)

Digital Library

[11]

Honda, K., Yoshida, N., Carbone, M.: Multiparty Asynchronous Session Types. In: Proc. POPL 2008, pp. 273-284. ACM Press, New York (2008)

Digital Library

[12]

Kobayashi, N.: Type-Based Information Flow Analysis for the Pi-Calculus. Acta Informatica 42(4-5), 291-347 (2005)

Digital Library

[13]

Kolundžija, M.: Security Types for Sessions and Pipelines. In: Bruni, R., Wolf, K. (eds.) WSFM 2008. LNCS, vol. 5387, pp. 175-190. Springer, Heidelberg (2009)

Digital Library

[14]

Milner, R.: Communicating and Mobile Systems: the Pi-Calculus. CUP, Cambridge (1999)

Digital Library

[15]

Planul, J., Corin, R., Fournet, C.: Secure Enforcement for Global Process Specifications. In: Proc. CONCUR 2009. LNCS, vol. 5710, pp. 511-526. Springer, Heidelberg (2009)

Digital Library

[16]

Sabelfeld, A., Myers, A.C.: Language-Based Information-Flow Security. IEEE Journal on Selected Areas in Communications 21(1), 5-19 (2003)

Digital Library

[17]

Sabelfeld, A., Sands, D.: Probabilistic Noninterference for Multi-threaded Programs. In: Proc. CSFW2000, pp. 200-214. IEEE Computer Society, Los Alamitos (2000)

Digital Library

[18]

Sabelfeld, A., Sands, D.: Dimensions and Principles of Declassification. In: Proc. CSFW 2005. IEEE Computer Society, Los Alamitos (2005)

Digital Library

[19]

Smith, G., Volpano, D.: Secure Information Flow in a Multi-threaded Imperative Language. In: Proc. POPL 1998, pp. 355-364. ACM Press, New York (1998)

Digital Library

[20]

Takeuchi, K., Honda, K., Kubo, M.: An Interaction-based Language and its Typing System. In: Halatsis, C., Philokyprou, G., Maritsas, D., Theodoridis, S. (eds.) PARLE 1994. LNCS, vol. 817, pp. 398-413. Springer, Heidelberg (1994)

Digital Library

[21]

Volpano, D., Irvine, C., Smith, G.: A Sound Type System for Secure Flow Analysis. Journal of Computer Security 4(2,3), 167-187 (1996)

Digital Library

Cited By

Derakhshan FBalzer SJia LGorla D(2021)Session logical relations for noninterferenceProceedings of the 36th Annual ACM/IEEE Symposium on Logic in Computer Science10.1109/LICS52264.2021.9470654(1-14)Online publication date: 29-Jun-2021
https://dl.acm.org/doi/10.1109/LICS52264.2021.9470654
Honda KYoshida NCarbone M(2016)Multiparty Asynchronous Session TypesJournal of the ACM10.1145/282769563:1(1-67)Online publication date: 3-Mar-2016
https://dl.acm.org/doi/10.1145/2827695
Tabareau NSüdholt MTanter ÉPeternier ABinder WErnst EHirschfeld R(2014)Aspectual session typesProceedings of the 13th international conference on Modularity10.1145/2577080.2577085(193-204)Online publication date: 22-Apr-2014
https://dl.acm.org/doi/10.1145/2577080.2577085
Show More Cited By

Session types for access and information flow control
1. Security and privacy
  1. Systems security

Recommendations

Typing access control and secure information flow in sessions

We consider a calculus for multiparty sessions with delegation, enriched with security levels for session participants and data. We propose a type system that guarantees both session safety and a form of access control. Moreover, this type system ...
Haskell session types with (almost) no class
HASKELL '08

We describe an implementation of session types in Haskell. Session types statically enforce that client-server communication proceeds according to protocols. They have been added to several concurrent calculi, but few implementations of session types ...
Intrinsically-Typed Mechanized Semantics for Session Types
PPDP '19: Proceedings of the 21st International Symposium on Principles and Practice of Declarative Programming

Session types have emerged as a powerful paradigm for structuring communication-based programs. They guarantee type soundness and session fidelity for concurrent programs with sophisticated communication protocols. As type soundness proofs for languages ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

CONCUR'10: Proceedings of the 21st international conference on Concurrency theory

August 2010

600 pages

ISBN:3642153747

Editors:
Paul Gastin
Laboratoire Spécification et Vérification, ENS de Cachan & CNRS, Cachan cedex, France
,
François Laroussinie
LIAFA, Université Paris Diderot, Paris cedex 13, France

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 31 August 2010

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 27 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Derakhshan FBalzer SJia LGorla D(2021)Session logical relations for noninterferenceProceedings of the 36th Annual ACM/IEEE Symposium on Logic in Computer Science10.1109/LICS52264.2021.9470654(1-14)Online publication date: 29-Jun-2021
https://dl.acm.org/doi/10.1109/LICS52264.2021.9470654
Honda KYoshida NCarbone M(2016)Multiparty Asynchronous Session TypesJournal of the ACM10.1145/282769563:1(1-67)Online publication date: 3-Mar-2016
https://dl.acm.org/doi/10.1145/2827695
Tabareau NSüdholt MTanter ÉPeternier ABinder WErnst EHirschfeld R(2014)Aspectual session typesProceedings of the 13th international conference on Modularity10.1145/2577080.2577085(193-204)Online publication date: 22-Apr-2014
https://dl.acm.org/doi/10.1145/2577080.2577085
Honda KMukhamedov ABrown GChen TYoshida N(2011)Scribbling interactions with a formal foundationProceedings of the 7th international conference on Distributed computing and internet technology10.5555/1964505.1964510(55-75)Online publication date: 9-Feb-2011
https://dl.acm.org/doi/10.5555/1964505.1964510
Deniélou PYoshida NBall TSagiv M(2011)Dynamic multirole session typesProceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages10.1145/1926385.1926435(435-446)Online publication date: 26-Jan-2011
https://dl.acm.org/doi/10.1145/1926385.1926435
Deniélou PYoshida N(2011)Dynamic multirole session typesACM SIGPLAN Notices10.1145/1925844.192643546:1(435-446)Online publication date: 26-Jan-2011
https://dl.acm.org/doi/10.1145/1925844.1926435
Bono VCapecchi SCastellani IDezani-Ciancaglini M(2011)A reputation system for multirole sessionsProceedings of the 6th international conference on Trustworthy Global Computing10.1007/978-3-642-30065-3_1(1-24)Online publication date: 9-Jun-2011
https://dl.acm.org/doi/10.1007/978-3-642-30065-3_1

View Options

View options

Figures

Tables

Media

View Table of Conten