Verification of control flow based security properties

Jensen, Thomas; Métayer, Daniel Le; Thorn, Tommy

doi:10.1109/secpri.1999.766902

Cited by 94 publications

(143 citation statements)

References 28 publications

Supporting

Mentioning

142

Contrasting

Order By: Relevance

“…modal µ-calculus specifications [4]. The development of our program model follows earlier work by Jensen et al [11] which addresses security properties expressible as stack invariants. These form a strict subset of the properties which can be expressed in our framework, but allow for more efficient model checking procedures.…”

Section: Discussionmentioning

confidence: 99%

“…Standard models of this kind are provided by labeled transition systems (LTS), where the transition labels denote method invocations and returns. Interaction behavior can then be defined in an abstract and language independent fashion, following the approach by Jensen et al [11], as being induced by a transfer/call graph through a set of transition rules. Composition of behaviors is obtained in process algebraic style by using imperfect actions which handshake to produce perfect communications.…”

Section: Program Modelmentioning

confidence: 99%

“…This model is inspired by [11], and was motivated and presented informally by the present authors in [2].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Compositional Verification of Secure Applet Interactions

Barthe

Gurov²,

Huisman

2002

Fundamental Approaches to Software Engineering

View full text Add to dashboard Cite

Abstract. Recent developments in mobile code and embedded systems have led to an increased interest in open platforms, i.e. platforms which enable different applications to interact in a dynamic environment. However, the flexibility of open platforms presents major difficulties for the (formal) verification of secure interaction between the different applications. To overcome these difficulties, compositional verification techniques are required. This paper presents a compositional approach to the specification and verification of secure applet interactions. This approach involves a compositional model of the interface behavior of applet interactions, a temporal logic property specification language, and a proof system for proving correctness of property decompositions. The usability of the approach is demonstrated on a realistic smartcard case study.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Program Modelmentioning

confidence: 99%

See 1 more Smart Citation

Compositional Verification of Secure Applet Interactions

Barthe

Gurov²,

Huisman

2002

Fundamental Approaches to Software Engineering

View full text Add to dashboard Cite

show abstract

“…Decision procedures for certain classes of non-regular properties already exist [JMT99, CW02, EKS03, CMM + 04]. The idea of making calls and returns in a recursive program visible to the specification language for writing properties appears implicitly in [JMT99] which proposes a logic over stack contents to specify security constraints, and in [EKS03] which augments linear temporal logic with regular valuations over stack contents, and in our recent work on the temporal logic Caret that allows modalities for matching calls and returns [AEM04]. Also, properties expressing boundedness of stack, and repeatedly boundedness, have received a lot of attention recently [CDT02,BSW03].…”

Section: Software Model Checkingmentioning

confidence: 99%

Adding Nesting Structure to Words

Alur

Madhusudan

2006

Lecture Notes in Computer Science

147

364

View full text Add to dashboard Cite

We propose the model of nested words for representation of data with both a linear ordering and a hierarchically nested matching of items. Examples of data with such dual linear-hierarchical structure include executions of structured programs, annotated linguistic data, and HTML/XML documents. Nested words generalize both words and ordered trees, and allow both word and tree operations. We define nested word automata-finite-state acceptors for nested words, and show that the resulting class of regular languages of nested words has all the appealing theoretical properties that the classical regular word languages enjoys: deterministic nested word automata are as expressive as their nondeterministic counterparts; the class is closed under union, intersection, complementation, concatenation, Kleene-*, prefixes, and language homomorphisms; membership, emptiness, language inclusion, and language equivalence are all decidable; and definability in monadic second order logic corresponds exactly to finite-state recognizability. We also consider regular languages of infinite nested words and show that the closure properties, MSO-characterization, and decidability of decision problems carry over.The linear encodings of nested words give the class of visibly pushdown languages of words, and this class lies between balanced languages and deterministic context-free languages. We argue that for algorithmic verification of structured programs, instead of viewing the program as a context-free language over words, one should view it as a regular language of nested words (or equivalently, a visibly pushdown language), and this would allow model checking of many properties (such as stack inspection, pre-post conditions) that are not expressible in existing specification logics.We also study the relationship between ordered trees and nested words, and the corresponding automata: while the analysis complexity of nested word automata is the same as that of classical tree automata, they combine both bottom-up and top-down traversals, and enjoy expressiveness and succinctness benefits over tree automata.

show abstract

“…Besides dataflow analysis, model-checking of pushdown systems has also been used for verifying security properties in programs [6,9,5]. Like WPDSs, we can use EW-PDS for this purpose, but with added precision that comes due to the presence of merging functions.…”

Section: Related Workmentioning

confidence: 99%

Extended Weighted Pushdown Systems

Lal

Reps

Balakrishnan

2005

Computer Aided Verification

View full text Add to dashboard Cite

Abstract. Recent work on weighted-pushdown systems shows how to generalize interprocedural-dataflow analysis to answer "stack-qualified queries", which answer the question "what dataflow values hold at a program node for a particular set of calling contexts?" The generalization, however, does not account for precise handling of local variables. Extended-weighted-pushdown systems address this issue, and provide answers to stack-qualified queries in the presence of local variables as well.

show abstract

Verification of control flow based security properties

Cited by 94 publications

References 28 publications

Compositional Verification of Secure Applet Interactions

Compositional Verification of Secure Applet Interactions

Adding Nesting Structure to Words

Extended Weighted Pushdown Systems

Contact Info

Product

Resources

About