Information Flow Security for Asynchronous, Distributed, and Mobile Applications

Felipe Luna del Aguila 1
1 OASIS - Active objects, semantics, Internet and security
CRISAM - Inria Sophia Antipolis - Méditerranée , Laboratoire I3S - COMRED - COMmunications, Réseaux, systèmes Embarqués et Distribués
Abstract : The objective for this work is to propose a security solution to regulate information flows, specifically through an access and flow control mechanism, targeted to distributed applications using active objects with asynchronous communications. It includes a security policy and the mechanism that will enforce the rules present in such policies.
Data confidentiality and secure information flows is provided through dynamic checks in communications. While information flows are generally verified statically, our attention is focused on dynamic verifications. To achieve it, the proposed model has an information control policy that includes discretionary rules, and because these rules are by nature dynamically enforceable, it is possible to take advantage of the dynamic checks to carry out at the same time all mandatory checks. As another advantage of this approach, dynamic checks do not require to modify compilers, do not alter the programming language, do not require modifications to existing source codes, and provide flexibility at run-time. Thus, dynamic checks fit well in a middleware layer which, in a non-intrusive manner, provides and ensures security services to upper-level applications. The underlying programming model is based on active objects, asynchronous communications, and data-flow synchronizations.
Complete list of metadatas

https://tel.archives-ouvertes.fr/tel-00010545
Contributor : Luna del Aguila Felipe <>
Submitted on : Tuesday, October 11, 2005 - 5:01:17 PM
Last modification on : Monday, November 5, 2018 - 3:36:03 PM
Long-term archiving on : Friday, September 14, 2012 - 3:05:23 PM

Identifiers

  • HAL Id : tel-00010545, version 1

Collections

Citation

Felipe Luna del Aguila. Information Flow Security for Asynchronous, Distributed, and Mobile Applications. Modeling and Simulation. Université Nice Sophia Antipolis, 2005. English. ⟨tel-00010545⟩

Share

Metrics

Record views

394

Files downloads

1104