Fully Abstract Trace Semantics for Low-level Isolation Mechanisms – Extended Version
Authors
Marco Patrignani, Dave Clarke (iMinds-DistriNet, Dept. Computer Science, KU Leuven, {first.last}@cs.kuleuven.be)
Abstract
Many software systems adopt isolation mechanisms of modern processors as software security building blocks. Reasoning about these building blocks means reasoning about elaborate assembly code, which can be very complex due to the loose structure of the code. One way to overcome this complexity is providing the code with a more structured semantics. This paper presents one such semantics, namely a fully abstract trace semantics, for an assembly language enhanced with protection mechanisms of modern processors. The trace semantics represents the behaviour of protected assembly code with simple abstractions, unburdened by low-level details, at the maximum degree of precision. Furthermore, it captures the capabilities of attackers against protected software and simplifies providing a secure compiler targeting the assembly language.
Similar references
Fully abstract trace semantics for protected module architectures
Protected module architectures (PMA) are an isolation mechanism that emerging processors provide as security building blocks for modern software systems. Reasoning about these building blocks means reasoning about elaborate assembly code, which can be very complex due to the loose structure of the code. One way to overcome this complexity is providing the code with a well-structured semantics. ...
Trace and Testing Equivalence on Asynchronous Processes
We study trace and may-testing equivalences in the asynchronous versions of CCS and π-calculus. We start from the operational definition of the may-testing preorder and provide for it finitary and fully abstract trace-based characterizations, along with a complete inequational proof system. We also touch upon two variants of this theory, by first considering a more demanding equivalence notion (must-...
Secure Compilation of Object-Oriented Components to Protected Module Architectures – Extended Version
A fully abstract compilation scheme prevents the security features of the high-level language from being bypassed by an attacker operating at a particular lower level. This paper presents a fully abstract compilation scheme from a realistic object-oriented language with dynamic memory allocation, cross-package inheritance, exceptions and inner classes to untyped machine code. Full abstraction o...
Tracing Snapshot Isolation in Transactions (Extended Abstract)
Effect traces provide a simple methodology of reasoning about program semantics while abstracting away from low-level details. They describe the semantics of a transaction in terms of reads and writes to locations in shared memory. In this work, we propose a definition for traces of transactions under snapshot isolation. Snapshot traces simplify the reasoning about STM with snapshot isolation s...
Secure Compilation to Modern Processors: Extended Version
We present a secure (fully abstract) compilation scheme to compile an object-based high-level language to low-level machine code. Full abstraction is achieved by relying on a fine-grained program counter-based memory access protection scheme, which is part of our low-level target language. We discuss why standard compilers fail to provide full abstraction and introduce enhancements needed to ac...
Publication date: 2013