966 research outputs found
A Distributed Calculus for Role-Based Access Control
Role-based access control (RBAC) is increasingly attracting attention because it reduces the complexity and cost of security administration by interposing the notion of role in the assignment of permissions to users. In this paper, we present a formal framework relying on an extension of the π calculus to study the behavior of concurrent systems in a RBAC scenario. We define a type system ensuring that the specified policy is respected during computations, and a bisimulation to equate systems. The theory is then applied to three meaningful examples, namely finding the ‘minimal’ policy to run a given system, refining a system to be run under a given policy (whenever possible), and minimizing the number of users in a given system without changing the overall behavior
Role-based access control for a distributed calculus
Role-based access control (RBAC) is increasingly attracting attention because it reduces the complexity and cost of security administration by interposing the notion of role in the assignment of permissions to users. In this paper, we present a formal framework relying on an extension of the -calculus to study the behaviour of concurrent systems in a RBAC scenario. We define a type system ensuring that the specified policy is respected during computations, and a behavioural equivalence to equate systems. We then consider a more sophisticated feature that can be easily integrated in our framework, i.e., the possibility of automatically adding role activations and deactivations to processes to be run under a given policy (whenever possible). Finally, we show how the framework can be easily extended to express significant extensions of the core RBAC model, such as roles hierarchies or constraints determining the acceptability of the system components
Security Policies as Membranes in Systems for Global Computing
We propose a simple global computing framework, whose main concern is code migration. Systems are structured in sites, and each site is divided into two parts: a computing body, and a membrane which regulates the interactions between the computing body and the external environment. More precisely, membranes are filters which control access to the associated site, and they also rely on the well-established notion of trust between sites. We develop a basic theory to express and enforce security policies via membranes. Initially, these only control the actions incoming agents intend to perform locally. We then adapt the basic theory to encompass more sophisticated policies, where the number of actions an agent wants to perform, and also their order, are considered
Conflict vs Causality in Event Structures
Event structures are one of the best known models for concurrency. Many variants of the basic model and many possible notions of equivalence for them have been devised in the literature. In this paper, we study how the spectrum of equivalences for Labelled Prime Event Structures built by Van Glabbeek and Goltz changes if we consider two simplified notions of event structures: the first one is obtained by removing the causality relation (Coherence Spaces) and the second one by removing the conflict relation (Elementary Event Structures). As expected, in both cases the spectrum turns out to be simplified, since some notions of equivalence coincide in the simplified settings; actually, we prove that removing causality simplifies the spectrum considerably more than removing conflict. Furthermore, we also prove that the labeling of events and a property that we call finitariness strongly influence the spectrum of equivalences in the conflict-free setting, whereas they have no impact on the causality-free spectrum
Approximate model counting, sparse XOR constraints and minimum distance
The problem of counting the number of models of a given Boolean formula has numerous applications, including computing the leakage of deterministic programs in Quantitative Information Flow. Model counting is a hard, #P-complete problem. For this reason, many approximate counters have been developed in the last decade, offering formal guarantees of confidence and accuracy. A popular approach is based on the idea of using random XOR constraints to, roughly, successively halving the solution set until no model is left: this is checked by invocations to a SAT solver. The effectiveness of this procedure hinges on the ability of the SAT solver to deal with XOR constraints, which in turn crucially depends on the length of such constraints. We study to what extent one can employ sparse, hence short, constraints, keeping guarantees of correctness. We show that the resulting bounds are closely related to the geometry of the set of models, in particular to the minimum Hamming distance between models. We evaluate our theoretical results on a few concrete formulae. Based on our findings, we finally discuss possible directions for improvements of the current state of the art in approximate model counting
Le monete di Palazzo Pignano: vecchie acquisizioni, nuove scoperte
Nel contributo sono pubblicate tutte le monete rinvenute nel sito di Palazzo Pignano dalle prime indagini del secolo scorso fino agli scavi archeologici più recent
Semantic subtyping for objects and classes
There are two approaches for defining subtyping relations: the syntactic and the semantic one. In the semantic approach one starts from a model of the language of interest and an interpretation of types as subsets of the model. The subtyping relation is then defined as inclusion of sets denoting types. An orthogonal issue, typical of object-oriented languages, is the issue of nominal vs. structural subtyping. We aim to integrate structural subtyping with boolean connectives and semantic subtyping for a object-oriented core language and define a Java-like programming platform that exploits the benefits of both approaches, expressible in terms of code reuse and of compactness of program writing
- …
