The essence of compiling with continuations
PLDI '93 Proceedings of the ACM SIGPLAN 1993 conference on Programming language design and implementation
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
From system F to typed assembly language
ACM Transactions on Programming Languages and Systems (TOPLAS)
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Interactive Theorem Proving and Program Development
Interactive Theorem Proving and Program Development
Concurrency and Computation: Practice & Experience - Formal Techniques for Java-like Programs
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Refinement Types for Secure Implementations
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
AURA: a programming language for authorization and audit
Proceedings of the 13th ACM SIGPLAN international conference on Functional programming
Constrained types for object-oriented languages
Proceedings of the 23rd ACM SIGPLAN conference on Object-oriented programming systems languages and applications
Proceedings of the 3rd workshop on Programming languages meets program verification
Distributed programming with distributed authorization
Proceedings of the 5th ACM SIGPLAN workshop on Types in language design and implementation
A certified lightweight non-interference java bytecode verifier
ESOP'07 Proceedings of the 16th European conference on Programming
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Enforcing stateful authorization and information flow policies in fine
ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
A typed assembly language for confidentiality
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Refinement types for secure implementations
ACM Transactions on Programming Languages and Systems (TOPLAS)
Verifying stateful programs with substructural state and hoare types
Proceedings of the 5th ACM workshop on Programming languages meets program verification
Typechecking higher-order security libraries
APLAS'10 Proceedings of the 8th Asian conference on Programming languages and systems
An Abstract Model of Certificate Translation
ACM Transactions on Programming Languages and Systems (TOPLAS)
Secure distributed programming with value-dependent types
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
A language for automatically enforcing privacy policies
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Self-certification: bootstrapping certified typecheckers in F* with Coq
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SMT proof checking using a logical framework
Formal Methods in System Design
Faceted execution of policy-agnostic programs
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Verifying higher-order programs with the dijkstra monad
Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation
| Hi-index | 0.00 |
A number of programming languages use rich type systems to verify security properties of code. Some of these languages are meant for source programming, but programs written in these languages are compiled without explicit security proofs, limiting their utility in settings where proofs are necessary, e.g., proof-carrying authorization. Others languages do include explicit proofs, but these are generally lambda calculi not intended for source programming, that must be further compiled to an executable form. A language suitable for source programming backed by a compiler that enables end-to-end verification is missing. In this paper, we present a type-preserving compiler that translates programs written in FINE, a source-level functional language with dependent refinements and affine types, to DCIL, a new extension of the .NET Common Intermediate Language. FINE is type checked using an external SMT solver to reduce the proof burden on source programmers. We extract explicit LCF-style proof terms from the solver and carry these proof terms in the compilation to DCIL, thereby removing the solver from the trusted computing base. Explicit proofs enable DCIL to be used in a number of important scenarios, including the verification of mobile code, proof-carrying authorization, and evidence-based auditing. We report on our experience using FINE to build reference monitors for several applications, ranging from a plugin-based email client to a conference management server.