الفهرس 
Chapter 1Only 14 pages are availabe for public view
 |  | from | 189 |  |  |
| | | from | 189 | | |
Abstract
Today, many security application vulnerabilitics, especially those that are
related to web applications can be viewed as an insecure information flow
problem and the different security mechanisms such as access control and
encryption are not enough to guarantee a secure information flow.
Recently, a new approach has been developed: the use of programming
language techniques for specifying and enforcing end to end information-flow
policies, well known as security-typed programming languages or language-
based security. In these languages, data types are annotated with security
labels in order to identify the confidentiality and/or integrity policies for
each data element. A security label is a pair of a confidentiality policy and
an integrity policy, which specifies the principals or entities allowed to read
or influence the value of the data. respectively. The specification of prin-
cipals in those languages allows modeling different roles in the application
program with different security concerns such as users, groups and processes.
In practical applications, language constructs for delegation and revocation
among principals are desired in order to permit a temporary information flow
from one principal (the gran or) to a certain principale (the delegatee) and
to renounce a prior permission.
A general form of delegation is already present in some security typed
programming languages such as Jif, a well known standard for security typed
programming languages. Using delegation in this language a principal p
can act for another principal q (i.e., any action taken by principal q is also
authorized for principal p).