To: seminaire@pauillac.inria.fr From: James.Leifer@inria.fr Subject: SEM - INRIA : Moscova - 29/10/04 - Paris - FR Vous pouvez maintenant vous abonner à nos annonces de séminaires http://pauillac.inria.fr/seminaires/subscribe.html S E M I N A I R E . ___ / _ _ / _ / / / \ / \ / / __| / |___ |_/ |_/ / |__ |_/ |_ ___ . / / ___ __ /_ _ / _/ /| /| _ __ __ _ _ / / / /_ / __| / / |/ | / \ /_ / / \ | / __| |___ / / __/ |_ |_/ |_ / | |_/__/ |_ |_/ |/ |_/ I N R I A - Rocquencourt Amphi Turing du Bat 1. Vendredi 29 octobre, 10h30 ----------- Tom Chothia ----------- INRIA Futurs ===================================== Type-based Distributed Access Control ===================================== I will present a type system that combines a weak form of information flow control, termed distributed access control, with typed cryptographic operations. The motivation is to have a type system that ensures access control while giving the application the responsibility to secure network communications, and to do this safely. The notion of declassification certificates is introduced to support the declassification of encrypted data. Purely local type checking is extended to distributed systems by associating access control lists with cryptographic keys. When a piece of data is sent outside of a type checked area it is encrypted with a key that represents the list of principles that can access that data. When encrypted data is received, the access restrictions from the decryption key are used as the access control type. This work was carried out with Dominic Duggan and Jan Vitek.