@CONFERENCE\{IMM2006-04745,
    author       = "D. S{\o}ndergaard and C. W. Probst and C. D. Jensen and R. R. Hansen",
    title        = "Program Partitioning using Dynamic Trust Models",
    year         = "2006",
    month        = "aug",
    booktitle    = "Workshop on Formal Aspects in Security and Trust ({FAST} 2006)",
    volume       = "",
    series       = "",
    editor       = "",
    publisher    = "",
    organization = "",
    address      = "",
    url          = "http://www2.compute.dtu.dk/pubdb/pubs/4745-full.html",
    abstract     = "Developing distributed applications is a difficult task. It is
  further complicated if system-wide security policies shall be
  specified and enforced, or if both data and hosts are owned by
  principals that do not fully trust each other, as is typically the case in
  service-oriented or grid-based scenarios. Language-based
  technologies have been suggested to support developers of those
  applications---the \$\backslash\$emph\{Decentralized Label Model\} and \$\backslash\$emph\{Secure
    Program Partitioning\} allow to annotate programs with security
  specifications, and to partition the annotated program 
  across a set of hosts, obeying both the annotations and the trust
  relation between the principals. The resulting applications
  guarantee \$\backslash\$emph\{by construction\} that safety and confidentiality of
  both data and computations are ensured. In this work, we develop a
  generalised version of the splitting framework, that is parametrised
  in the trust component, and show the result of specialising it with
  different trust models. We also develop a metric to measure the
  quality of the result of the partitioning process."
}