Resumo: We present a mathematical model for
distributed systems and decentralized peer-to-peer networks in which
users have limited access to the data. A location (peer) is described
with its data and processes. In order to obtain a system in which users
have different access rights, we propose a RBAC (Roll Based Access
Control) approach that control data usage. Location policy (its type)
allows actions of a process depending on the roles of that process. The
access rights of a role (all processes that are assigned that role) at a
location can be changed (increased or decreased) only if the policy of
that location allows it. We propose a type system which ensures that
the specified network policy is respected during computations and that a
user can access and change only data in the range of its roles. |