Evidence-based Audit
Jeff Vaughan, Limin Jia, Karl Mazurak, and Steve Zdancewic
Department of Computer and Information Science, University of Pennsylvania
CSF/LICS Joint Session, June 24, 2008
Our Setting: Distributed Access Control (1/23)
[Diagram labels: Principal, Application, Data, Resource, Proof]
Key Idea: Proofs attest to data integrity. [Necula+ 98] (2/23)
[Diagram labels: Principal, Application, Data, Resource, Proof]
The Aura Project (3/23)
- A programming language called Aura
  - A propositional fragment, modeled here by Aura0
  - An ML-like computation language [Jia+ 08]
- A security-aware programming model
  - active, potentially malicious principals
  - mutual distrust between applications and principals
  - emphasis on access control and audit
- An implementation including a compiler and a .Net-based runtime
Today’s Talk
Analyzing the local security of Aura applications.