English
Related papers

Related papers: A Calculus for Flow-Limited Authorization

200 papers

Controlling resource usage in distributed systems is a challenging task given the dynamics involved in access granting. Consider, for instance, the setting of floating licenses where access can be granted if the request originates in a…

Programming Languages · Computer Science 2018-02-19 Jovanka Pantovic , Ivan Prokic , Hugo Torres Vieira

Security requirements in distributed software systems are inherently dynamic. In the case of authorization policies, resources are meant to be accessed only by authorized parties, but the authorization to access a resource may be…

Logic in Computer Science · Computer Science 2016-02-12 Silvia Ghilezan , Svetlana Jakšić , Jovanka Pantović , Jorge A. Pérez , Hugo Torres Vieira

Availability is crucial to the security of distributed systems, but guaranteeing availability is hard, especially when participants in the system may act maliciously. Quorum replication protocols provide both integrity and availability:…

Programming Languages · Computer Science 2022-05-10 Priyanka Mondal , Maximilian Algehed , Owen Arden

The dependency core calculus (DCC), a simple extension of the computational lambda calculus, captures a common notion of dependency that arises in many programming language settings. This notion of dependency is closely related to the…

Programming Languages · Computer Science 2010-04-09 Avik Chaudhuri

We present the Flow-Limited Authorization First-Order Logic (FLAFOL), a logic for reasoning about authorization decisions in the presence of information-flow policies. We formalize the FLAFOL proof system, characterize its proof-theoretic…

Cryptography and Security · Computer Science 2020-12-11 Andrew K. Hirsch , Pedro H. Azevedo de Amorim , Ethan Cecchetti , Ross Tate , Owen Arden

In distributed transaction processing, atomic commit protocol (ACP) is used to ensure database consistency. With the use of commodity compute nodes and networks, failures such as system crashes and network partitioning are common. It is…

Distributed, Parallel, and Cluster Computing · Computer Science 2023-03-03 Hexiang Pan , Quang-Trung Ta , Meihui Zhang , Yeow Meng Chee , Gang Chen , Beng Chin Ooi

Static information flow control (IFC) systems provide the ability to restrict data flows within a program, enabling vulnerable functionality or confidential data to be statically isolated from unsecured data or program logic. Despite the…

Programming Languages · Computer Science 2022-10-25 Hemant Gouni , Jonathan Aldrich

Role-Based Access Control (RBAC) struggles to adapt to dynamic enterprise environments with documents that contain information that cannot be disclosed to specific user groups. As these documents are used by LLM-driven systems (e.g., in…

Cryptography and Security · Computer Science 2025-12-24 Michele Lorenzo , Idilio Drago , Dario Salvadori , Fabio Romolo Vayr

The autonomy and contextual complexity of LLM-based agents render traditional access control (AC) mechanisms insufficient. Static, rule-based systems designed for predictable environments are fundamentally ill-equipped to manage the dynamic…

Multiagent Systems · Computer Science 2025-10-21 Xinfeng Li , Dong Huang , Jie Li , Hongyi Cai , Zhenhong Zhou , Wei Dong , XiaoFeng Wang , Yang Liu

Role-Based Access Control (RBAC) is a popular authorization model used to manage data-access constraints in a wide range of systems. RBAC usually defines the static view on the access rights. However, to ensure dependability of a system, it…

Software Engineering · Computer Science 2018-05-16 Inna Vistbakka , Elena Troubitsyna

Security researchers have stated that the core concept behind current implementations of access control predates the Internet. These assertions are made to pinpoint that there is a foundational gap in this field, and one should consider…

Cryptography and Security · Computer Science 2016-09-16 Yvo Desmedt , Arash Shaghaghi

Encrypting data before sending it to the cloud protects it against hackers and malicious insiders, but requires the cloud to compute on encrypted data. Trusted (hardware) modules, e.g., secure enclaves like Intel's SGX, can very efficiently…

Cryptography and Security · Computer Science 2017-10-03 Andreas Fischer , Benny Fuhry , Florian Kerschbaum , Eric Bodden

The problems which are important for the effective functioning of an access control policy in a large information system (LIS) are selected. The general concept of a local optimization of a role-based access control (RBAC) model is…

Cryptography and Security · Computer Science 2018-12-27 N. F. Bogachenko

This paper introduces language-based agent control (LBAC), a new programming model for agentic applications that brings techniques from programming languages and language-based security to the problem of agent control. In conventional…

Programming Languages · Computer Science 2026-05-14 Timothy Zhou , Loris D'Antoni , Nadia Polikarpova

The problem of optimal authorization of a user in a system with a role-based access control policy is considered. The main criterion is to minimize the risks of permission leakage. The choice of the role for authorization is based on the…

Cryptography and Security · Computer Science 2018-12-21 S. V. Belim , S. Yu. Belim , N. F. Bogachenko , A. N. Kabanov

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

Programming Languages · Computer Science 2019-01-09 Ana Almeida Matos , Jan Cederquist

The ability to enforce robust and dynamic access controls on cloud-hosted data while simultaneously ensuring confidentiality with respect to the cloud itself is a clear goal for many users and organizations. To this end, there has been much…

Cryptography and Security · Computer Science 2016-04-28 William C. Garrison , Adam Shull , Steven Myers , Adam J. Lee

Preventing implicit information flows by dynamic program analysis requires coarse approximations that result in false positives, because a dynamic monitor sees only the executed trace of the program. One widely deployed method is the…

Cryptography and Security · Computer Science 2015-06-17 Abhishek Bichhawat , Vineet Rajani , Deepak Garg , Christian Hammer

Flow-sensitive analysis for information-flow control (IFC) allows data structures to have mutable security labels, i.e., labels that can change over the course of the computation. This feature is often used to boost the permissiveness of…

Cryptography and Security · Computer Science 2015-07-23 Pablo Buiras , Deian Stefan , Alejandro Russo

In large databases, creating user interface for browsing or performing insertion, deletion or modification of data is very costly in terms of programming. In addition, each modification of an access control policy causes many potential and…

Cryptography and Security · Computer Science 2015-06-01 Kambiz Ghazinour , Mehdi Ghayoumi
‹ Prev 1 2 3 10 Next ›