Abstract
Referential integrity, which guarantees that named resources can be accessed when referenced, is an important property for reliability and security. In distributed systems, however, the attempt to provide referential integrity can itself lead to security vulnerabilities that are not currently well understood. This paper identifies three kinds of referential security vulnerabilities related to the referential integrity of distributed, persistent information. Security conditions corresponding to the absence of these vulnerabilities are formalized. A language model is used to capture the key aspects of programming distributed systems with named, persistent resources in the presence of an adversary. The referential security of distributed systems is proved to be enforced by a new type system. © 2014 Springer-Verlag.
Cite
CITATION STYLE
Liu, J., & Myers, A. C. (2014). Defining and enforcing referential security. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8414 LNCS, pp. 199–219). Springer Verlag. https://doi.org/10.1007/978-3-642-54792-8_11
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
