25/01/2016 – Talk by Pierpaolo Degano

Title:  Context-aware Security: Linguistic Mechanisms and Static Analysis
Time: 14:00
Location: Meeting room, building Zeta
Type: Research Result
Speaker: Pierpaolo Degano
Adaptive systems improve their efficiency by modifying their behaviour to respond to changes in their operational environment. Also, security must adapt to these changes and policy enforcement becomes dependent on the dynamic contexts. We study these issues within (the core of) an adaptive declarative language proposed recently. A main characteristic of this language is to have two components: a logical one for handling the context and a functional one for computing. We extend it with security policies that are expressed in logical terms. They are of two different kinds: context and application policies. The first, unknown a priori to an application, protect the context from unwanted changes. The others protect the applications from malicious actions of the context, can be nested and can be activated and deactivated according to their scope. An execution step can occur only if all the policies in force hold, under the control of an execution monitor. Beneficial to this is a type and effect system, which safely approximates the behaviour of an application, and a further static analysis, based on the computed effect. The last analysis can only be carried on at load time, when the execution context is known, and it enables us to efficiently enforce the security policies on the code execution, by instrumenting applications. The monitor is thus implemented within the language itself, and it is only activated on those policies that may be infringed and switched off otherwise.

Short bio
Pierpaolo Degano has been

  • since 1/11/1990 full Professore in computer science, since 1993 at Dipartimento di Informatica, Università di Pisa
  • 1993-96 head of the Dipartimento di Informatica, Università di Pisa
  • 2000-2003 Chairman of GRIN, the Italian Association of the Professors of Computer Science
  • since 2001 member of the scientific committee of the Scuola di Dottorato di Eccellenza “Galileo Galilei”, since 2009 vice-chairman
  • since 2006 head of the PhD programme in Computer Science
  • since 2007 chairman of the Italian Committee of PhD programmes in Computer Science
  • since 2005 member of the scientific committee of CoSBi, the Microsoft Research – University of Trento Centre for Computational and Systems Biology