A certificate infrastructure for machine-checked proofs of conditional information flow

Authors:
Torben Amtoft;Josiah Dodds;Zhi Zhang;Andrew Appel;Lennart Beringer;John Hatcliff;Xinming Ou;Andrew Cousino
Affiliations:
CIS Department, Kansas State University, Manhattan, KS;Dept. of Comp. Sci., Princeton University, Princeton, NJ;CIS Department, Kansas State University, Manhattan, KS;Dept. of Comp. Sci., Princeton University, Princeton, NJ;Dept. of Comp. Sci., Princeton University, Princeton, NJ;CIS Department, Kansas State University, Manhattan, KS;CIS Department, Kansas State University, Manhattan, KS;CIS Department, Kansas State University, Manhattan, KS
Venue:
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Year:
2012

Citing 25
Cited 0

Information-flow and data-flow analysis of while-programs

ACM Transactions on Programming Languages and Systems (TOPLAS)
Proof-carrying code

Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Oracle-based checking of untrusted software

POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Type-Based Approach to Program Security

TAPSOFT '97 Proceedings of the 7th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
Foundational Proof-Carrying Code

LICS '01 Proceedings of the 16th Annual IEEE Symposium on Logic in Computer Science
Foundational proof checkers with small witnesses

Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming
Simple relational correctness proofs for static analyses and program transformations

Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure Information Flow by Self-Composition

CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Enforcing security and safety models with an information flow analysis tool

Proceedings of the 2004 annual ACM SIGAda international conference on Ada: The engineering of correct and reliable software for real-time & distributed systems using Ada and related technologies
Formal certification of a compiler back-end or: programming a compiler with a proof assistant

Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Formal specification and verification of data separation in a separation kernel for an embedded system

Proceedings of the 13th ACM conference on Computer and communications security
Proof-carrying code from certified abstract interpretation and fixpoint compression

Theoretical Computer Science - Applied semantics
Secure information flow and program logics

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Verification condition generation for conditional information flow

Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Specification and Checking of Software Contracts for Conditional Information Flow

FM '08 Proceedings of the 15th international symposium on Formal Methods
The MOBIUS Proof Carrying Code Infrastructure

Formal Methods for Components and Objects
A certified lightweight non-interference java bytecode verifier

ESOP'07 Proceedings of the 16th European conference on Programming
Verified software toolchain

ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
Relational decomposition

ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Asserting bytecode safety

ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Privacy-sensitive information flow with JML

CADE' 20 Proceedings of the 20th international conference on Automated Deduction
A theorem proving approach to analysis of secure information flow

SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
Secure information flow as a safety problem

SAS'05 Proceedings of the 12th international conference on Static Analysis
Precise and automated contract-based reasoning for verification and certification of information flow properties of programs with arrays

ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
A modular integration of SAT/SMT solvers to coq through proof witnesses

CPP'11 Proceedings of the First international conference on Certified Programs and Proofs

Quantified Score

Hi-index	0.00

Visualization

Abstract

In previous work, we have proposed a compositional framework for stating and automatically verifying complex conditional information flow policies using a relational Hoare logic. The framework allows developers and verifiers to work directly with the source code using source-level code contracts. In this work, we extend that approach so that the algorithm for verifying code compliance to an information flow contract emits formal certificates of correctness that are checked in the Coq proof assistant. This framework is implemented in the context of SPARK - a subset of Ada that has been used in a number of industrial contexts for implementing certified safety and security critical systems.