A Certificate Infrastructure for Machine-Checked Proofs of Conditional Information Flow

Authors

  • Torben Amtoft
  • Josiah Dodds
  • Zhi Zhang
  • Andrew W. Appel
  • Lennart Beringer
  • John Hatcliff
  • Xinming Ou
  • Andrew Cousino
Abstract

In previous work, we have proposed a compositional framework for stating and automatically verifying complex conditional information flow policies using a relational Hoare logic. The framework allows developers and verifiers to work directly with the source code using source-level code contracts. In this work, we extend that approach so that the algorithm for verifying code compliance to an information flow contract emits formal certificates of correctness that are checked in the Coq proof assistant. This framework is implemented in the context of SPARK – a subset of Ada that has been used in a number of industrial contexts for implementing certified safety and security critical systems.


Similar sources

Proving Information Flow Noninterference by Reusing a Machine-Checked Correctness Proof for Slicing

We present a machine-checked correctness proof for information flow noninterference based on interprocedural slicing. It reuses a correctness proof of the context-sensitive interprocedural slicing algorithm of Horwitz, Reps, and Binkley. The underlying slicing framework is modular in the programming language used; by instantiating this framework the correctness proofs hold for the respective la...


Aquinas Hobor Research Statement

I am interested in improving software reliability through specification and verification techniques. Recently I have focused on improving the reliability of concurrent programs. Multi-core processors are leading to an increasing number of programs that utilize concurrency. Unfortunately, concurrency bugs tend to be among the most difficult to discover through testing. Therefore to improve the r...


Oracle Semantics for Concurrent Separation Logic

We define (with machine-checked proofs in Coq) a modular operational semantics for Concurrent C minor—a language with shared memory, spawnable threads, and first-class locks. By modular we mean that one can reason about sequential control and data-flow knowing almost nothing about concurrency, and one can reason about concurrency knowing almost nothing about sequential control and data-flow con...


Automated Certification of Non-Interference in Rewriting Logic

In this paper we propose a certification technique for noninterference of Java programs based on rewriting logic, a very general logical and semantic framework efficiently implemented in the high-level programming language Maude. Non–interference is a semantic program property that prevents illicit information flow to happen. Starting from a basic specification of the semantics of Java written ...


Succinct quantum proofs for properties of finite groups

In this paper we consider a quantum computational variant of nondeterminism based on the notion of a quantum proof, which is a quantum state that plays a role similar to a certificate in an NP-type proof. Specifically, we consider quantum proofs for properties of black-box groups, which are finite groups whose elements are encoded as strings of a given length and whose group operations are perf...




Publication date: 2012