Domain Separation by Construction
Authors
Abstract
Language-based approaches to security typically use static type systems to control information flow, relying on type inference to distinguish secure programs from insecure ones. This paper advocates a novel approach to language-based security: by structuring software with monads (a form of abstract data type for effects), we are able to maintain separation of effects by construction. The thesis of this work is that well-understood properties of monads and monad transformers aid in the construction and verification of secure software. We introduce a formulation of non-interference based on monads (rather than the typical trace-based formulation). Using this formulation, we prove a non-interference-style property for a simple instance of our abstract system model. Because monads may be easily and safely represented within any higher-order, typed functional language, monadic event systems may be directly realized within such a language.
Similar resources
A Program Construction and Verification Tool for Separation Logic
An algebraic approach to the design of program construction and verification tools is applied to separation logic. The control-flow level is modelled by power series with convolution as separating conjunction. A generic construction lifts resource monoids to assertion and predicate transformer quantales. The data domain is captured by concrete store-heap models. These are linked to the separati...
Construction of recombinant Pichia pastoris expressing single-chain antibody fragment against extracellular domain of EpCAM
Introduction: Epithelial cell adhesion molecule (EpCAM) is highly expressed on epithelial tumors. So, EpCAM is a valuable antigen for targeted therapy. Using monoclonal antibodies (mabs) is an attractive approach for targeted cancer therapy. Importantly, limitations of intact mabs including large size led to the development of antibody fragments such as single chain fragment variable (scfv). Pi...
Quantum Interference Control of Ballistic Magnetoresistance in a Magnetic Nanowire Containing Two Atomic-Size Domain Walls
The magnetoresistance of a one-dimensional electron gas in a metallic ferromagnetic nanowire containing two atomic-size domain walls has been investigated in the presence of spin-orbit interaction. The magnetoresistance is calculated in the ballistic regime, within the Landauer-Büttiker formalism. It has been demonstrated that the conductance of a magnetic nanowire with double domain walls...
Achieving information flow security through monadic control of effects
This paper advocates a novel approach to the construction of secure software: controlling information flow and maintaining integrity via monadic encapsulation of effects. This approach is constructive, relying on properties of monads and monad transformers to build, verify, and extend secure software systems. We illustrate this approach by construction of abstract operating systems called separ...
An Abstract Domain Combinator for Separately Conjoining Memory Abstractions
The breadth and depth of heap properties that can be inferred by the union of today’s shape analyses is quite astounding. Yet, achieving scalability while supporting a wide range of complex data structures in a generic way remains a long-standing challenge. In this paper, we propose a way to side-step this issue by defining a generic abstract domain combinator for combining memory abstractions ...
Reduced Product Combination of Abstract Domains for Shapes
Real-world data structures are often enhanced with additional pointers capturing alternative paths through a basic inductive skeleton (e.g., back pointers, head pointers). From the static analysis point of view, we must obtain several interlocking shape invariants. At the same time, it is well understood in abstract interpretation design that supporting a separation of concerns is critically im...
Journal title:
Volume Number
Pages -
Publication date 2003