Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

PCAL: Language Support for Proof-Carrying Authorization Systems

Summary: PCAL: Language Support for
Proof-Carrying Authorization Systems
Avik Chaudhuri1
and Deepak Garg2
University of Maryland, College Park
Carnegie Mellon University
Abstract. By shifting the burden of proofs to the user, a proof-carrying
authorization (PCA) system can automatically enforce complex access
control policies. Unfortunately, managing those proofs can be a daunting
task for the user. In this paper we develop a Bash-like language, PCAL,
that can automate correct and efficient use of a PCA interface. Given a
PCAL script, the PCAL compiler tries to statically construct the proofs
required for executing the commands in the script, while re-using proofs
to the extent possible and rewriting the script to construct the remaining
proofs dynamically. We obtain a formal guarantee that if the policy does
not change between compile time and run time, then the compiled script
cannot fail due to access checks at run time.
1 Introduction


Source: Andrews, Peter B. - Department of Mathematical Sciences, Carnegie Mellon University


Collections: Mathematics