2012
DOI: 10.1007/978-3-642-28641-4_20
A Certificate Infrastructure for Machine-Checked Proofs of Conditional Information Flow

Abstract: In previous work, we have proposed a compositional framework for stating and automatically verifying complex conditional information flow policies using a relational Hoare logic. The framework allows developers and verifiers to work directly with the source code using source-level code contracts. In this work, we extend that approach so that the algorithm for verifying code compliance to an information flow contract emits formal certificates of correctness that are checked in the Coq proof assistant. …

Cited by 20 publications (8 citation statements)
References 33 publications

Citation statements:
“…The following definition describes the construction of a CCV for a given CPA. Modifications which do not lead to certificates result in a syntactic rejection. Definition 5.…”
Section: Configurable Certification (mentioning confidence: 99%)
“…In this, our focus lies on generating certificates which can ease verification and thereby serve as witnesses for the correctness of a program. The aspect of small trusted bases, which is the idea of foundational proof carrying code [6], (so far) plays no role in our approach (in contrast to, for instance, the two security approaches [7,5]). Our generic approach builds on an existing framework for configurable program analysis with tool support in the form of CPAchecker [13].…”
Section: Introduction (mentioning confidence: 97%)
“…The memory is modelled as a function from machine addresses to memory pages; contrary to separation kernels, pages are allocated on demand. Each page contains: (i) an owner (PageOwner); (ii) a flag indicating whether the page can be cached or not; (iii) a content (PageContent). A page owner is either the hypervisor or a guest OS; pages may not have owners.…”
Section: Formalization Of Proposition (mentioning confidence: 99%)
“…Barthe et al. [15] and Amtoft et al. [6] formally verify type-based and logic-based methods for enforcing information flow policies in programs. More recently, Azevedo et al. [8] formally verify a clean-slate design that enforces information flow.…”
Section: Verified Compilation and Analyses: CompCert (mentioning confidence: 99%)