Abstract
Adaptive systems improve their efficiency, by modifying their behaviour to respond to changes in their operational environment. Also, security must adapt to these changes and policy enforcement becomes dependent on the dynamic contexts. We extend (the core of) an adaptive functional language with primitives to enforce security policies on the code execution, and we exploit a static analysis to instrument programs. The introduced checks guarantee that no violation of the required security policies occurs.
Work partially supported by the MIUR-PRIN project Security Horizons.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Achermann, F., Lumpe, M., Schneider, J., Nierstrasz, O.: PICCOLA-a small composition language. In: Formal Methods for Distributed Processing. Cambridge University Press (2001)
Al-Neyadi, F., Abawajy, J.H.: Context-based E-health system access control mechanism. In: Park, J.H., Zhan, J., Lee, C., Wang, G., Kim, T.-h., Yeo, S.-S. (eds.) ISA 2009. CCIS, vol. 36, pp. 68–77. Springer, Heidelberg (2009)
Appeltauer, M., Hirschfeld, R., Haupt, M., Masuhara, H.: ContextJ: Context-oriented programming with Java. Computer Software 28(1) (2011)
Bartoletti, M., Degano, P., Ferrari, G.L., Zunino, R.: Local policies for resource usage analysis. ACM Trans. Program. Lang. Syst. 31(6) (2009)
Bonatti, P., De Capitani Di Vimercati, S., Samarati, P.: An algebra for composing access control policies. ACM Transactions on Information and System Security 5(1), 1–35 (2002)
Campbell, R., Al-Muhtadi, J., Naldurg, P., Sampemane, G., Mickunas, M.D.: Towards security and privacy for pervasive computing. In: Okada, M., Babu, C. S., Scedrov, A., Tokuda, H. (eds.) ISSS 2002. LNCS, vol. 2609, pp. 1–15. Springer, Heidelberg (2003)
Cardelli, L., Gordon, A.D.: Mobile ambients. Theor. Comput. Sci. 240(1), 177–213 (2000)
Ceri, S., Gottlob, G., Tanca, L.: What you always wanted to know about datalog (and never dared to ask). IEEE Trans. on Knowl. and Data Eng. 1(1), 146–166 (1989)
Costanza, P.: Language constructs for context-oriented programming. In: Proc. of the Dynamic Languages Symposium, pp. 1–10. ACM Press (2005)
Deng, M., Cock, D.D., Preneel, B.: Towards a cross-context identity management framework in e-health. Online Information Review 33(3), 422–442 (2009)
DeTreville, J.: Binder, a Logic-Based Security Language. In: Proc. of the 2002 IEEE Symposium on Security and Privacy, SP 2002, pp. 105–113. IEEE Computer Society (2002)
Eiter, T., Gottlob, G., Mannila, H.: Disjunctive datalog. ACM Transactions on Database Systems 5(1), 1–35 (1997)
Galletta, L.: Adaptivity: linguistic mechanisms and static analysis techniques. Ph.D. thesis, University of Pisa (2014), http://www.di.unipi.it/~galletta/phdThesis.pdf
Heer, T., Garcia-Morchon, O., Hummen, R., Keoh, S., Kumar, S., Wehrle, K.: Security challenges in the IP-based internet of things. Wireless Personal Communications, 1–16 (2011)
Hirschfeld, R., Costanza, P., Nierstrasz, O.: Context-oriented programming. Journal of Object Technology 7(3), 125–151 (2008)
Hulsebosch, R., Salden, A., Bargh, M., Ebben, P., Reitsma, J.: Context sensitive access control. In: Proc. of the ACM Symposium on Access Control Models and Technologies, pp. 111–119 (2005)
Kamina, T., Aotani, T., Masuhara, H.: Eventcj: a context-oriented programming language with declarative event-based context transition. In: Proc. of the 10th International Conference on Aspect-Oriented Software Development (AOSD 2011), pp. 253–264. ACM (2011)
Li, N., Mitchell, J.C.: DATALOG with Constraints: A Foundation for Trust Management Languages. In: Dahl, V. (ed.) PADL 2003. LNCS, vol. 2562, pp. 58–73. Springer, Heidelberg (2002)
Loke, S.W.: Representing and reasoning with situations for context-aware pervasive computing: a logic programming perspective. Knowl. Eng. Rev. 19(3), 213–233 (2004)
Mycroft, A., O’Keefe, R.A.: A polymorphic type system for prolog. Artificial Intelligence 23(3), 295–307 (1984)
Riis Nielson, H., Nielson, F.: Flow logic: a multi-paradigmatic approach to static analysis. In: Mogensen, T.Æ., Schmidt, D.A., Sudborough, I.H. (eds.) The Essence of Computation. LNCS, vol. 2566, pp. 223–244. Springer, Heidelberg (2002)
Orsi, G., Tanca, L.: Context modelling and context-aware querying. In: de Moor, O., Gottlob, G., Furche, T., Sellers, A. (eds.) Datalog 2010. LNCS, vol. 6702, pp. 225–244. Springer, Heidelberg (2011)
Pasquale, L., Ghezzi, C., Menghi, C., Tsigkanos, C., Nuseibeh, B.: Topology Aware Adaptive Security (to appear in SEAMS 2014)
Pfleeger, C., Pfleeger, S.: Security in computing. Prentice Hall (2003)
Román, M., Hess, C., Cerqueira, R., Ranganathan, A., Campbell, R., Nahrstedt, K.: Gaia: a middleware platform for active spaces. ACM SIGMOBILE Mobile Computing and Communications Review 6(4), 65–67 (2002)
Wrona, K., Gomez, L.: Context-aware security and secure context-awareness in ubiquitous computing environments. In: XXI Autumn Meeting of Polish Information Processing Society (2005)
Zhang, G., Parashar, M.: Dynamic context-aware access control for grid applications. In: Proc. of Fourth International Workshop on Grid Computing, pp. 101–108. IEEE (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Bodei, C., Degano, P., Galletta, L., Salvatori, F. (2014). Linguistic Mechanisms for Context-Aware Security. In: Ciobanu, G., Méry, D. (eds) Theoretical Aspects of Computing – ICTAC 2014. ICTAC 2014. Lecture Notes in Computer Science, vol 8687. Springer, Cham. https://doi.org/10.1007/978-3-319-10882-7_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-10882-7_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10881-0
Online ISBN: 978-3-319-10882-7
eBook Packages: Computer ScienceComputer Science (R0)