Applying $\pi$-Calculus to Practice: An Example of a Unified Security Mechanism

Jörg Abendroth

November 2003

Abstract:

The Pi-calculus has been developed to reason about behavioural equivalence. Different notions of equivalence are defined in terms of process interactions, as well as the context of processes. There are various extensions of the Pi-calculus, such as the SPI calculus, which has primitives to facilitate security protocol design.

Another area of computer security is access control research, which includes problems of access control models, policies and access control mechanism. The design of a unified framework for access control requires that all policies are supported and different access control models are instantiated correctly.

In this paper we will utilise the Pi calculus to reason about access control policies and mechanism. An equivalence of different policy implementations, as well as access control mechanism will be shown. Finally some experiences regarding the use of Pi-calculus are presented.

Available as PostScript, PDF.

 

Last modified: 2003-11-12 by webmaster.