Roles, stacks, histories: A triple for Hoare


Behavioral type and effect systems regulate properties such as adherence to object and communication protocols, dynamic security policies, avoidance of race conditions, and many others. Typically, each system is based on some specific syntax of constraints, and is checked with an ad hoc solver. Instead, we advocate types refined with first-order logic formulas as a basis for behavioral type systems, and general purpose automated theorem provers as an effective means of checking programs. To illustrate this approach, we define a triple of security-related type systems: for role-based access control, for stack inspection, and for history-based access control. The three are all instances of a refined state monad. Our semantics allows a precise comparison of the similarities and differences of these mechanisms. In our examples, the benefit of behavioral type-checking is to rule out the possibility of unexpected security exceptions, a common problem with code-based access control.
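The abstract names three code-based access-control mechanisms and says that the refined-state-monad semantics makes their similarities and differences precise. As an added illustration, not code from the paper or from its authors, the following Python models each mechanism as a small piece of security state that calls and permission demands thread through (an informal stand-in for the state monad the abstract mentions; all policies, code units and permission names are constructed). Running one scenario, trusted code that calls a less-trusted plugin, lets it return, and then demands a permission, under both the stack-inspection and the history-based models shows the kind of difference the paper's semantics captures: stack inspection grants the demand once the plugin's frame has left the stack, whereas history-based access control has permanently narrowed the dynamic permissions and raises the exception. These runtime exceptions are exactly what the behavioral type-checking the abstract describes aims to rule out before the program runs.

```python
"""Added illustration (not code from the paper): a small executable model of the
three code-based access-control mechanisms named in the abstract, each as a
piece of state that calls and permission demands thread through.  Policies,
code names and permission names below are constructed for the example."""
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List

Perm = str


class SecurityException(Exception):
    """Raised when a demand for a permission is not satisfied by the current state."""


@dataclass(frozen=True)
class Code:
    """A unit of code with the permissions statically granted to it (constructed)."""
    name: str
    static_perms: FrozenSet[Perm]


# --- 1. Role-based access control: the state is the set of activated roles ---
ROLE_PERMS: Dict[str, FrozenSet[Perm]] = {  # constructed role -> permission policy
    "reader": frozenset({"Read"}),
    "editor": frozenset({"Read", "Write"}),
}


def rbac_allows(active_roles: FrozenSet[str], perm: Perm) -> bool:
    """A demand succeeds iff some activated role carries the permission."""
    return any(perm in ROLE_PERMS.get(role, frozenset()) for role in active_roles)


# --- 2. Stack inspection: the state is the stack of code currently executing ---
class StackInspection:
    def __init__(self) -> None:
        self.stack: List[Code] = []

    def call(self, code: Code, body: Callable[["StackInspection"], object]) -> object:
        self.stack.append(code)          # the callee's frame joins the stack
        try:
            return body(self)
        finally:
            self.stack.pop()             # and leaves it again when the call returns

    def demand(self, perm: Perm) -> None:
        # Every frame currently on the stack must be statically granted the permission.
        lacking = [c.name for c in self.stack if perm not in c.static_perms]
        if lacking:
            raise SecurityException(f"stack inspection: {perm} not granted to {lacking}")


# --- 3. History-based: the state is the intersection of all code run so far ---
class HistoryBased:
    def __init__(self, initial: FrozenSet[Perm]) -> None:
        self.current = initial

    def call(self, code: Code, body: Callable[["HistoryBased"], object]) -> object:
        self.current &= code.static_perms  # narrowed permanently, even after the call returns
        return body(self)

    def demand(self, perm: Perm) -> None:
        if perm not in self.current:
            raise SecurityException(f"history-based: {perm} not in {sorted(self.current)}")


TRUSTED = Code("trusted", frozenset({"Read", "Write"}))   # constructed
PLUGIN = Code("plugin", frozenset({"Read"}))              # constructed: less trusted


def demand_after_plugin_returns(monitor) -> bool:
    """Trusted code calls the plugin, lets it return, then demands Write.
    Returns True if the demand succeeds, False if it raises a SecurityException."""
    def trusted_body(m):
        m.call(PLUGIN, lambda _m: None)       # the plugin runs and returns
        try:
            m.demand("Write")
            return True
        except SecurityException:
            return False
    return monitor.call(TRUSTED, trusted_body)


def plugin_demands_write(monitor) -> bool:
    """The plugin itself demands Write while it is still executing."""
    def plugin_body(m):
        try:
            m.demand("Write")
            return True
        except SecurityException:
            return False
    return monitor.call(TRUSTED, lambda m: m.call(PLUGIN, plugin_body))


if __name__ == "__main__":
    full = frozenset({"Read", "Write"})
    print("stack, after plugin returns  :", demand_after_plugin_returns(StackInspection()))
    print("history, after plugin returns:", demand_after_plugin_returns(HistoryBased(full)))
    print("stack, plugin demands Write  :", plugin_demands_write(StackInspection()))
    print("history, plugin demands Write:", plugin_demands_write(HistoryBased(full)))
```

Both models deny the demand while the plugin is executing; they part ways only after it has returned, which is precisely the "history" that history-based access control remembers and stack inspection forgets. The role-based model has no notion of calling code at all: its state is the set of activated roles, so its demands depend only on policy, not on the call structure.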


Journal of Functional Programming
  • ISSN: 0956-7968
  • EISSN: 1469-7653
  • URL: /core/journals/journal-of-functional-programming