Models and Types for Security in Mobile Distributed Systems

Obiettivo

Peer-to-peer computing on the Internet, mobile code downloading, and e-Commerce are already ubiquitous aspects of our computing environments. Casting a view to the immediate future, we see a global computational infrastructure emerging that will rely on the sharing of an open-ended distributed network of mobile resources among mobile computing agents. This infrastructure can only be successful insomuch as it provides adequate security guarantees of secrecy, integrity, availability, and more.
MyThS seeks to develop type-based foundational theories of security for mobile and distributed systems. By relying on strong typing as the basic principle, MyThS addresses the foundations of programming languages and paradigms that allow static detection of security violations, and aims at developing type theoretic methods and tools that enable formal analyses of security guarantees appropriate for systems and applications on the global computing platform.
Peer-to-peer computing on the Internet, mobile code downloading, and e-Commerce are already ubiquitous aspects of our computing environments. Casting a view to the immediate future, we see a global computational infrastructure emerging that will rely on the sharing of an open-ended distributed network of mobile resources among mobile computing agents. This infrastructure can only be successful insomuch as it provides adequate security guarantees of secrecy, integrity, availability, and more.
MyThS seeks to develop type-based foundational theories of security for mobile and distributed systems. By relying on strong typing as the basic principle, MyThS addresses the foundations of programming languages and paradigms that allow static detection of security violations, and aims at developing type theoretic methods and tools that enable formal analyses of security guarantees appropriate for systems and applications on the global computing platform.

DESCRIPTION OF WORK
MyThS is undertaken by a small consortium of partners that reflects the very focused nature of the project and its objectives. The workplan of the project unfolds in three major themes: resource access control, information flow control, and analysis of cryptographic protocols. These are central, challenging themes for the global computing area, with far-reaching impact on the development of high-level, reliable, network-aware programming languages. Two notions will be pivotal throughout the themes: model and types. Based on high-level process calculi, MyThS will develop formal models for distributed and mobile code environments. Such models will be defined so as to address the diverse requirements for secure communication and mobility in open-ended networks with highly dynamic topologies, in which cryptography is a necessary prerequisite for security. The fundamental vehicle for ensuring security will be provided by typing systems, intended both as prescriptive and descriptive tools, capable of constraining and characterising agents' behaviours and interactions. They will be used to enforce and analyse security properties in each of our themes of investigation. By weaving together these hitherto independent contexts, MyThS will form a broad, coherent foundation for trustworthy communication in a global environment.
The absence of central coordination, typical of the global computing network, will be a fundamental challenge for typing, as agents will not be able to trust that network objects comply with any given set of rules. MyThS will make provision for type systems to cope with this, by amalgamating techniques for static typing with new mechanisms for decentralised (dynamic) type-checking of distributed computing sites and migrating agents. Strong typing will provide formal guarantees of resilience against intended or accidental violations, and thus lay the foundations for the design of robust, high-level programming paradigms for global computing.

Campo scientifico (EuroSciVoc)

CORDIS classifica i progetti con EuroSciVoc, una tassonomia multilingue dei campi scientifici, attraverso un processo semi-automatico basato su tecniche NLP. Cfr.: Il Vocabolario Scientifico Europeo.

• scienze naturali informatica e scienze dell'informazione software
• scienze naturali informatica e scienze dell'informazione sicurezza informatica controllo degli accessi
• scienze naturali matematica matematica pura topologia
• scienze naturali informatica e scienze dell'informazione sicurezza informatica crittografia
• scienze naturali scienze fisiche meccanica classica meccanica dei fluidi dinamica dei fluidi

Programma(i)

Programmi di finanziamento pluriennali che definiscono le priorità dell’UE in materia di ricerca e innovazione.

• FP5-IST - Programme for research, technological development and demonstration on a "User-friendly information society, 1998-2002"

Argomento(i)

Gli inviti a presentare proposte sono suddivisi per argomenti. Un argomento definisce un’area o un tema specifico per il quale i candidati possono presentare proposte. La descrizione di un argomento comprende il suo ambito specifico e l’impatto previsto del progetto finanziato.

• IST-2001-6.2.2 - Global computing: co-operation of autonomous and mobile entities in dynamic environments

Invito a presentare proposte

Procedura per invitare i candidati a presentare proposte di progetti, con l’obiettivo di ricevere finanziamenti dall’UE.

Meccanismo di finanziamento

Meccanismo di finanziamento (o «Tipo di azione») all’interno di un programma con caratteristiche comuni. Specifica: l’ambito di ciò che viene finanziato; il tasso di rimborso; i criteri di valutazione specifici per qualificarsi per il finanziamento; l’uso di forme semplificate di costi come gli importi forfettari.

CSC - Cost-sharing contracts

Coordinatore

Partecipanti (2)