Managing Policy Updates in Security-Typed Languages
Source: University of Maryland
This paper presents RX, a new security-typed programming language with features intended to make the management of information-flow policies more practical. Security labels in RX, in contrast to prior approaches, are defined in terms of owned roles, as found in the RT role-based trust-management framework. Role-based security policies allow flexible delegation, and the language RX provides constructs through which programs can robustly update policies and react to policy updates dynamically. The dynamic semantics use statically verified transactions to eliminate illegal information flows across policy updates; the authors call such flows transitive flows.