{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,6]],"date-time":"2025-11-06T20:02:37Z","timestamp":1762459357263,"version":"3.41.0"},"reference-count":25,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2016,7,1]],"date-time":"2016-07-01T00:00:00Z","timestamp":1467331200000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100000921","name":"European Cooperation in Science and Technology","doi-asserted-by":"publisher","award":["IC1201"],"award-info":[{"award-number":["IC1201"]}],"id":[{"id":"10.13039\/501100000921","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004564","name":"Ministarstvo Prosvete, Nauke i Tehnolo\u0161kog Razvoja","doi-asserted-by":"publisher","award":["ON174026 and III44006"],"award-info":[{"award-number":["ON174026 and III44006"]}],"id":[{"id":"10.13039\/501100004564","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Form. Asp. Comput."],"published-print":{"date-parts":[[2016,7]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Protocols in distributed settings usually rely on the interaction of several parties and often identify the<jats:italic>roles<\/jats:italic>involved in communications. Roles may have a behavioral interpretation, as they do not necessarily correspond to sites or physical devices. Notions of<jats:italic>role authorization<\/jats:italic>thus become necessary to consider settings in which, e.g., different sites may be authorized to act on behalf of a single role, or in which one site may be authorized to act on behalf of different roles. This flexibility must be equipped with ways of controlling the roles that the different parties are authorized to represent, including the challenging case in which role authorizations are determined only at runtime. We present a typed framework for the analysis of multiparty interaction with dynamic role authorization and delegation. Building on previous work on conversation types with role assignment, our formal model is based on an extension of the<jats:inline-formula><jats:alternatives><mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\"><mml:mi mathvariant=\"italic\">\u03c0<\/mml:mi><\/mml:math><\/jats:alternatives><\/jats:inline-formula>-calculus in which the basic resources are pairs channel-role, which denote the access right of interacting along a given channel representing the given role. To specify dynamic authorization control, our process model includes (1) a novel scoping construct for authorization domains, and (2) communication primitives for authorizations, which allow to pass around authorizations to act on a given channel. An authorization error then corresponds to an action involving a channel and a role not enclosed by an appropriate authorization scope. We introduce a typing discipline that ensures that processes never reduce to authorization errors, including when parties dynamically acquire authorizations.<\/jats:p>","DOI":"10.1007\/s00165-016-0363-5","type":"journal-article","created":{"date-parts":[[2016,3,18]],"date-time":"2016-03-18T16:59:00Z","timestamp":1458320340000},"page":"643-667","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Dynamic role authorization in multiparty conversations"],"prefix":"10.1145","volume":"28","author":[{"given":"Silvia","family":"Ghilezan","sequence":"first","affiliation":[{"name":"University of Novi Sad, Novi Sad, Serbia"}]},{"given":"Svetlana","family":"Jak\u0161i\u0107","sequence":"additional","affiliation":[{"name":"University of Novi Sad, Novi Sad, Serbia"}]},{"given":"Jovanka","family":"Pantovi\u0107","sequence":"additional","affiliation":[{"name":"University of Novi Sad, Novi Sad, Serbia"}]},{"given":"Jorge A.","family":"P\u00e9rez","sequence":"additional","affiliation":[{"name":"University of Groningen, Groningen, The Netherlands"}]},{"given":"Hugo Torres","family":"Vieira","sequence":"additional","affiliation":[{"name":"IMT School for Advanced Studies Lucca, Lucca, Italy"}]}],"member":"320","reference":[{"key":"e_1_2_1_2_1_2","doi-asserted-by":"crossref","unstructured":"Bono V Capecchi S Castellani I Dezani-Ciancaglini M (2011) A reputation system for multirole sessions. In: Roberto B Vladimiro S (eds) Trustworthy Global Computing\u20146th International Symposium TGC 2011 Aachen Germany June 9-10 2011. Revised Selected Papers vol. 7173 of Lecture Notes in Computer Science. Springer pp 1\u201324","DOI":"10.1007\/978-3-642-30065-3_1"},{"key":"e_1_2_1_2_2_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jlamp.2015.09.003"},{"key":"e_1_2_1_2_3_2","doi-asserted-by":"publisher","DOI":"10.1017\/S095679680400543X"},{"key":"e_1_2_1_2_4_2","doi-asserted-by":"crossref","unstructured":"Baltazar P Caires L Vasconcelos VT Vieira HT (2012) A type system for flexible role assignment in multiparty communicating systems. In: Catuscia P and Mark Dermot R (eds) Trustworthy Global Computing\u20147th International Symposium TGC2012 Revised Selected Papers Vol 8191 of Lecture Notes in Computer Science. Springer pp 82\u201396","DOI":"10.1007\/978-3-642-41157-1_6"},{"key":"e_1_2_1_2_5_2","doi-asserted-by":"crossref","unstructured":"Capecchi S Castellani I Dezani-Ciancaglini M (2011) Information flow safety in multiparty sessions. In: Bas L and Frank V (eds) Proceedings 18th International Workshop on Expressiveness in Concurrency EXPRESS 2011 Aachen Germany 5th September 2011 Vol 64 EPTCS pp 16\u201330","DOI":"10.4204\/EPTCS.64.2"},{"key":"e_1_2_1_2_6_2","doi-asserted-by":"crossref","unstructured":"Capecchi S Castellani I Dezani-Ciancaglini M Rezk T (2010) Session types for access and information flow control. In: Paul G Fran\u00e7ois L (eds) CONCUR 2010\u2014Concurrency Theory 21th International Conference CONCUR 2010 Paris France August 31\u2013September 3 2010. Proceedings Vol 6269 of Lecture Notes in Computer Science Springer pp 237\u2013252","DOI":"10.1007\/978-3-642-15375-4_17"},{"key":"e_1_2_1_2_7_2","doi-asserted-by":"crossref","unstructured":"David G Clarke Potter J Noble J (1998) Ownership types for flexible alias protection. In: Bj\u00f8rn N. Freeman-Benson and Craig Chambers (eds) Proceedings of the 1998 ACMSIGPLAN Conference on Object-Oriented Programming Systems Languages and Applications (OOPSLA \u201998) Vancouver British Columbia Canada October 18-22 1998. ACM pp 48\u201364","DOI":"10.1145\/286936.286947"},{"key":"e_1_2_1_2_8_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.tcs.2010.09.010"},{"key":"#cr-split#-e_1_2_1_2_9_2.1","doi-asserted-by":"crossref","unstructured":"Dezani-Ciancaglini M Ghilezan S Jaksic S Pantovic J (2010) Types for role-based access control of dynamic web data. In Julio Mari\u00f1o","DOI":"10.1007\/978-3-642-20775-4_1"},{"key":"#cr-split#-e_1_2_1_2_9_2.2","unstructured":"(ed) Functional and Constraint Logic Programming-19th International Workshop WFLP 2010 Madrid Spain January 17 2010. Revised Selected Papers volume 6559 of Lecture Notes in Computer Science . Springer pp 1-29"},{"key":"e_1_2_1_2_10_2","doi-asserted-by":"crossref","unstructured":"Pierre-Malo D Yoshida N (2011) Dynamic multirole session types. In: Thomas B Mooly S (eds) Proceedings of the 38th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages POPL 2011 Austin TX USA January 26-28 2011 ACM pp 435\u2013446","DOI":"10.1145\/1925844.1926435"},{"key":"e_1_2_1_2_11_2","doi-asserted-by":"crossref","unstructured":"Fournet C Gordon AD Maffeis S (2007) A type discipline for authorization policies. ACM Trans Program Lang Syst 29(5)","DOI":"10.1145\/1275497.1275500"},{"key":"e_1_2_1_2_12_2","doi-asserted-by":"crossref","unstructured":"Ghilezan S Jaksic S Pantovic J P\u00e9rez JA Vieira HT (2014) Dynamic role authorization in multiparty conversations. In: Proceedings of BEAT 2014 Vol. 162 of EPTCS pp 1\u20138","DOI":"10.4204\/EPTCS.162.1"},{"key":"e_1_2_1_2_13_2","doi-asserted-by":"crossref","unstructured":"Ghilezan S Jaksic S Pantovic J P\u00e9rez JA Vieira HT (2016) A typed model for dynamic authorizations. In: Gay S Alglave J (eds) Proceedings Eighth InternationalWorkshop on Programming Language Approaches to Concurrency- and CommunicationcEntric Software London 18thApril 2015. Electronic Proceedings in TheoreticalComputer Science vol 203. Open Publishing Association pp 73\u201384. doi:10.4204\/EPTCS.203.6","DOI":"10.4204\/EPTCS.203.6"},{"key":"e_1_2_1_2_14_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jlap.2008.12.001"},{"key":"e_1_2_1_2_15_2","doi-asserted-by":"crossref","unstructured":"Giunti M Palamidessi C Valencia FD (2012) Hide and new in the pi-calculus. In: Proceedings Combined 19th International Workshop on Expressiveness in Concurrency and 9th Workshop on Structured Operational Semantics EXPRESS\/SOS 2012 volume 89 of EPTCS pp 65\u201379","DOI":"10.4204\/EPTCS.89.0"},{"key":"e_1_2_1_2_16_2","unstructured":"Huttel H Lanese I Vasconcelos VT Caires L Carbone M Pierre-Malo D Mostrous D Padovani L Ravara A Tuosto E Vieira HT Zavattaro G (2016) Foundations of behavioural types. ACM Comput. Surv. To appear. Preliminary version available at http:\/\/www.behavioural-types.eu\/publications\/."},{"key":"e_1_2_1_2_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/360303.360333"},{"key":"e_1_2_1_2_18_2","doi-asserted-by":"publisher","DOI":"10.1145\/775265.775268"},{"key":"e_1_2_1_2_19_2","unstructured":"Lapadula A Pugliese R Tiezzi F (2007) Regulating data exchange in service oriented applications. In Farhad Arbab and Marjan Sirjani editors International Symposium on Fundamentals of Software Engineering International Symposium FSEN 2007 Tehran Iran April 17-19 2007 Proceedings volume 4767 of Lecture Notes in Computer Science. Springer pp 223\u2013239"},{"key":"e_1_2_1_2_20_2","doi-asserted-by":"crossref","unstructured":"Sandhu RS (1992) The typed access matrix model. In 1992 IEEE Computer Society Symposium on Research in Security and Privacy Oakland CA USA May 4\u20136 1992. IEEE Computer Society pp 122\u2013136","DOI":"10.1109\/RISP.1992.213266"},{"key":"e_1_2_1_2_21_2","doi-asserted-by":"crossref","unstructured":"Swamy N Chen J Chugh R (2010) Enforcing stateful authorization and information flow policies in fine. In: Programming Languages and Systems 19th European Symposium on Programming ESOP 2010 Proceedings Vol 6012 of Lecture Notes in Computer Science Springer pp 529\u2013549","DOI":"10.1007\/978-3-642-11957-6_28"},{"key":"e_1_2_1_2_22_2","unstructured":"Samarati P De Capitani di Vimercati S (2000) Access control: Policies models and mechanisms. In: Riccardo Focardi Roberto Gorrieri (eds) Foundations of Security Analysis and Design Tutorial Lectures [revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design FOSAD 2000 Bertinoro Italy September 2000] Vol. 2171 of Lecture Notes in Computer Science. Springer pp 137\u2013196"},{"key":"e_1_2_1_2_23_2","doi-asserted-by":"crossref","unstructured":"Sangiorgi D Walker D (2001) The Pi-Calculus\u2014a theory of mobile processes. Cambridge University Press","DOI":"10.1017\/9781316134924"},{"key":"e_1_2_1_2_24_2","doi-asserted-by":"publisher","DOI":"10.1016\/S1571-0661(04)80421-3"}],"container-title":["Formal Aspects of Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00165-016-0363-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00165-016-0363-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1007\/s00165-016-0363-5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,1]],"date-time":"2025-06-01T21:01:43Z","timestamp":1748811703000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1007\/s00165-016-0363-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,7]]},"references-count":25,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2016,7]]}},"alternative-id":["10.1007\/s00165-016-0363-5"],"URL":"https:\/\/doi.org\/10.1007\/s00165-016-0363-5","relation":{},"ISSN":["0934-5043","1433-299X"],"issn-type":[{"type":"print","value":"0934-5043"},{"type":"electronic","value":"1433-299X"}],"subject":[],"published":{"date-parts":[[2016,7]]}}}