Abstract
The task of a security API is to allow users to process data and key material according to the designer's intentions, and to prevent any malicious sequence of commands from violating these intentions. Security APIs do this by attaching metadata to keys and data -type information - to record acceptable usage policy, which is checked by individual API commands in order to approve or deny a particular manipulation. But what actually is type information? This paper proposes a conceptual framework for understanding cryptographic type, and how it maintains the integrity of the designer's intentions in an API. We describe four core conceptual components of type: form, use, role and domain. We compare our model to real-life security APIs, and argue that designing new systems within the bounds of the model improves safety, eliminating many common security issues.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
