Models and Types for Security in Mobile Distributed Systems

Ziel

Peer-to-peer computing on the Internet, mobile code downloading, and e-Commerce are already ubiquitous aspects of our computing environments. Casting a view to the immediate future, we see a global computational infrastructure emerging that will rely on the sharing of an open-ended distributed network of mobile resources among mobile computing agents. This infrastructure can only be successful insomuch as it provides adequate security guarantees of secrecy, integrity, availability, and more.
MyThS seeks to develop type-based foundational theories of security for mobile and distributed systems. By relying on strong typing as the basic principle, MyThS addresses the foundations of programming languages and paradigms that allow static detection of security violations, and aims at developing type theoretic methods and tools that enable formal analyses of security guarantees appropriate for systems and applications on the global computing platform.
Peer-to-peer computing on the Internet, mobile code downloading, and e-Commerce are already ubiquitous aspects of our computing environments. Casting a view to the immediate future, we see a global computational infrastructure emerging that will rely on the sharing of an open-ended distributed network of mobile resources among mobile computing agents. This infrastructure can only be successful insomuch as it provides adequate security guarantees of secrecy, integrity, availability, and more.
MyThS seeks to develop type-based foundational theories of security for mobile and distributed systems. By relying on strong typing as the basic principle, MyThS addresses the foundations of programming languages and paradigms that allow static detection of security violations, and aims at developing type theoretic methods and tools that enable formal analyses of security guarantees appropriate for systems and applications on the global computing platform.

DESCRIPTION OF WORK
MyThS is undertaken by a small consortium of partners that reflects the very focused nature of the project and its objectives. The workplan of the project unfolds in three major themes: resource access control, information flow control, and analysis of cryptographic protocols. These are central, challenging themes for the global computing area, with far-reaching impact on the development of high-level, reliable, network-aware programming languages. Two notions will be pivotal throughout the themes: model and types. Based on high-level process calculi, MyThS will develop formal models for distributed and mobile code environments. Such models will be defined so as to address the diverse requirements for secure communication and mobility in open-ended networks with highly dynamic topologies, in which cryptography is a necessary prerequisite for security. The fundamental vehicle for ensuring security will be provided by typing systems, intended both as prescriptive and descriptive tools, capable of constraining and characterising agents' behaviours and interactions. They will be used to enforce and analyse security properties in each of our themes of investigation. By weaving together these hitherto independent contexts, MyThS will form a broad, coherent foundation for trustworthy communication in a global environment.
The absence of central coordination, typical of the global computing network, will be a fundamental challenge for typing, as agents will not be able to trust that network objects comply with any given set of rules. MyThS will make provision for type systems to cope with this, by amalgamating techniques for static typing with new mechanisms for decentralised (dynamic) type-checking of distributed computing sites and migrating agents. Strong typing will provide formal guarantees of resilience against intended or accidental violations, and thus lay the foundations for the design of robust, high-level programming paradigms for global computing.

Wissenschaftliches Gebiet (EuroSciVoc)

CORDIS klassifiziert Projekte mit EuroSciVoc, einer mehrsprachigen Taxonomie der Wissenschaftsbereiche, durch einen halbautomatischen Prozess, der auf Verfahren der Verarbeitung natürlicher Sprache beruht. Siehe: Das European Science Vocabulary.

• Naturwissenschaften Informatik und Informationswissenschaften Software
• Naturwissenschaften Informatik und Informationswissenschaften Computersicherheit Zugangskontrolle
• Naturwissenschaften Mathematik reine Mathematik Topologie
• Naturwissenschaften Informatik und Informationswissenschaften Computersicherheit Kryptografie
• Naturwissenschaften Naturwissenschaften klassische Mechanik Strömungsmechanik Fluiddynamik

Programm/Programme

Mehrjährige Finanzierungsprogramme, in denen die Prioritäten der EU für Forschung und Innovation festgelegt sind.

• FP5-IST - Programme for research, technological development and demonstration on a "User-friendly information society, 1998-2002"

Thema/Themen

Aufforderungen zur Einreichung von Vorschlägen sind nach Themen gegliedert. Ein Thema definiert einen bestimmten Bereich oder ein Gebiet, zu dem Vorschläge eingereicht werden können. Die Beschreibung eines Themas umfasst seinen spezifischen Umfang und die erwarteten Auswirkungen des finanzierten Projekts.

• IST-2001-6.2.2 - Global computing: co-operation of autonomous and mobile entities in dynamic environments

Aufforderung zur Vorschlagseinreichung

Verfahren zur Aufforderung zur Einreichung von Projektvorschlägen mit dem Ziel, eine EU-Finanzierung zu erhalten.

Finanzierungsplan

Finanzierungsregelung (oder „Art der Maßnahme“) innerhalb eines Programms mit gemeinsamen Merkmalen. Sieht folgendes vor: den Umfang der finanzierten Maßnahmen, den Erstattungssatz, spezifische Bewertungskriterien für die Finanzierung und die Verwendung vereinfachter Kostenformen wie Pauschalbeträge.

CSC - Cost-sharing contracts

Koordinator

Beteiligte (2)