Abstract

Recently, a new approach has been developed: the use of programming language techniques for specifying and enforcing end-to-end information flow security policies, known as security-typed programming languages or language-based information flow security. In this talk, I will briefly introduce the basic idea of the language-based information flow security approach. Next, I will present a case study in this approach: the restricted delegation and revocation language (RDRL), a new domain-specific security-typed programming language for enforcing information flow policies that vary dynamically due to delegation among principals or later revocation. The design of RDRL will be presented, covering its syntax (illustrated with some motivating examples) as well as its operational and error semantics. Moreover, the implementation of RDRL using the language specification formalism ASF+SDF will be presented. Finally, I will conclude with some directions for future work.