Security-typed programming within dependently typed programming

Published: 27 September 2010

Abstract

Several recent security-typed programming languages, such as Aura, PCML5, and Fine, allow programmers to express and enforce access control and information flow policies. In this paper, we show that security-typed programming can be embedded as a library within a general-purpose dependently typed programming language, Agda. Our library, Aglet, accounts for the major features of existing security-typed programming languages, such as decentralized access control, typed proof-carrying authorization, ephemeral and dynamic policies, authentication, spatial distribution, and information flow. The implementation of Aglet consists of the following ingredients: First, we represent the syntax and proofs of an authorization logic, Garg and Pfenning's BL0, using dependent types. Second, we implement a proof search procedure, based on a focused sequent calculus, to ease the burden of constructing proofs. Third, we represent computations using a monad indexed by pre- and post-conditions drawn from the authorization logic, which permits ephemeral policies that change during execution. We describe the implementation of our library and illustrate its use on a number of the benchmark examples considered in the literature.
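The third ingredient above, a computation type whose indices are the authorization policy before and after it runs, can be sketched in Agda with very little machinery. The block below is an added illustration, not code from the paper or from the Aglet library: the principals, the two-constructor `Form` fragment, and the names `Policy`, `Cmd`, `assume` and `readFile` are all assumptions made for this sketch, and the paper's encoding of BL0 and its focused proof search are not reproduced. What it does show is how a permission granted at run time (an ephemeral policy change) becomes visible in the type, and how a read that lacks a justifying proof is rejected at type-checking time rather than at run time.

```agda
-- Added sketch, not Aglet's code: a computation type indexed by the
-- authorization policy in force before and after it runs.
-- Requires the Agda standard library; save as PolicyIndexedSketch.agda.
module PolicyIndexedSketch where

open import Data.List using (List; []; _∷_)
open import Data.List.Membership.Propositional using (_∈_)
open import Data.List.Relation.Unary.Any using (here)
open import Data.String using (String)
open import Data.Unit using (⊤)
open import Relation.Binary.PropositionalEquality using (refl)

-- Hypothetical principals for the sketch.
data Prin : Set where
  admin alice : Prin

-- A one-constructor fragment of an authorization logic:
-- "principal p may read file f".
data Form : Set where
  mayRead : Prin → String → Form

-- An ephemeral policy is the list of formulas currently in force.
Policy : Set
Policy = List Form

infixl 1 _>>=_

-- Cmd Γ₁ Γ₂ A: a computation that may run when the policy is Γ₁,
-- leaves the policy as Γ₂, and returns an A.  A policy change during
-- execution shows up as a difference between the two indices.
data Cmd : Policy → Policy → Set → Set₁ where
  return   : ∀ {Γ A} → A → Cmd Γ Γ A
  _>>=_    : ∀ {Γ₁ Γ₂ Γ₃ A B}
           → Cmd Γ₁ Γ₂ A → (A → Cmd Γ₂ Γ₃ B) → Cmd Γ₁ Γ₃ B
  -- Grant a formula: the post-policy extends the pre-policy.
  assume   : ∀ {Γ} (F : Form) → Cmd Γ (F ∷ Γ) ⊤
  -- Reading demands a proof that the permission is in the current policy.
  readFile : ∀ {Γ} (p : Prin) (f : String)
           → mayRead p f ∈ Γ → Cmd Γ Γ String

-- Accepted: the read is justified by the permission granted just before
-- it, and the indices record that the policy grew from [] to one formula.
grantThenRead : Cmd [] (mayRead alice "notes.txt" ∷ []) String
grantThenRead =
  assume (mayRead alice "notes.txt") >>= λ _ →
  readFile alice "notes.txt" (here refl)

-- Rejected by the type checker: there is no proof of
--   mayRead alice "notes.txt" ∈ []
-- so a read under the empty policy cannot even be written down.
-- unauthorized : Cmd [] [] String
-- unauthorized = readFile alice "notes.txt" {!!}
```

Load the file with `agda PolicyIndexedSketch.agda`; `grantThenRead` type-checks, and uncommenting `unauthorized` leaves a hole that no term can fill. In a full treatment the membership proof would be replaced by a derivation in the authorization logic (which is where proof search earns its keep), and a `retract` operation with a shrinking post-index would model the revocation side of ephemeral policies.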

Supplemental Material

icfp-tues-1215-licata.mov

        • Published in

          ACM SIGPLAN Notices, Volume 45, Issue 9 (ICFP '10), September 2010, 382 pages
          ISSN: 0362-1340
          EISSN: 1558-1160
          DOI: 10.1145/1932681

          • ICFP '10: Proceedings of the 15th ACM SIGPLAN international conference on Functional programming, September 2010, 398 pages
            ISBN: 9781605587943
            DOI: 10.1145/1863543

          Copyright © 2010 ACM

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 27 September 2010

          Qualifiers

          • research-article