Stateful authorization logic: proof theory and a case study
STM'10 Proceedings of the 6th international conference on Security and trust management
Stateful authorization logic --Proof theory and a case study
Journal of Computer Security - STM'10
| Hi-index | 0.00 |
One of the most important and enduring problems in programming languages research involves verification of programs that construct, manipulate and dispose of complex heap-allocated data structures. Over the last several years, great progress has been made on this problem by using substructural logics to specify the shape of heap-allocated data structures. These logics can capture aliasing properties in a concise notation. In this dissertation, we present our work on using an extension of Girard's intuitionistic linear logic (a substructural logic) with classical constraints as the base logic to reason about the memory safety and shape invariants of programs that manipulate complex heap-allocated data structures. To be more precise, we have defined formal proof rules for an intuitionistic linear logic with constraints, ILC, which modularly combines substructural reasoning with general constraint-based reasoning. We have also defined a formal semantics for our logic – program heaps – with recursively defined predicates. Next, we developed verification systems using different fragments of ILC to verify pointer programs. In particular, we developed a set of sound verification generation rules that are used to statically verify pointer programs. We also demonstrated how to interpret the logical formulas as run-time assertions. In the end, we developed a new imperative language that allows programmers to define and manipulate heap-allocated data structures using ILC formulas. The main contributions of this thesis are that (1) the development of a substructural logic that is capable of general constraint-based reasoning; and (2) the idea of incorporating high-level logical formulas into imperative languages; either as dynamic contract specifications, which allow clear, compact and semantically well-defined documentation of heap-shape properties; or as language constructs, which drive safe construction and manipulation of sophisticated heap-allocated data structures.