A General Theory of Composition for a Class of "Possibilistic" Properties
IEEE Transactions on Software Engineering
Composition and integrity preservation of secure reactive systems
Proceedings of the 7th ACM conference on Computer and communications security
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Protocol Composition Logic (PCL)
Electronic Notes in Theoretical Computer Science (ENTCS)
A mini challenge: build a verifiable filesystem
Formal Aspects of Computing
The reactive simulatability (RSIM) framework for asynchronous systems
Information and Computation
Refinement Types for Secure Implementations
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
POSIX file store in Z/Eves: An experiment in the verified software repository
Science of Computer Programming
A Logic of Secure Systems and its Application to Trusted Computing
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Browser model for security analysis of browser-based protocols
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Hi-index | 0.00 |
We provide an analytical framework for basic integrity properties of file systems, namely the binding of files to filenames and writing capabilities. A salient feature of our modeling and analysis is that it is composable: In spite of the fact that we analyze the filesystem in isolation, security is guaranteed even when the file system operates as a component within an arbitrary, and potentially adversarial system. Our results are obtained by adapting the Universally Composable (UC) security framework to the analysis of software systems. Originally developed for cryptographic protocols, the UC framework allows the analysis of simple components in isolation, and provides assurance that these components maintain their behavior when combined in a large system, potentially under adversarial conditions.