to Aid Formal Methods Research. ” Pending approval

By Technogenesis Or Scholars Program

Abstract

The overall goal is to develop tools and other infrastructure to support research and teaching with the Java Modeling Language (JML) [5]. Security is one of the areas where JML has been most successfully applied. The specific goal of this summer research project is to integrate one of the JML analysis tools (static verifier) with a lightweight type-based security analyzer, to provide formal specification and verification of information flow policies that include conditional downgrading. Downgrading encompasses declassification of secrets and endorsement of untrusted inputs, but for research purposes we will focus on declassification. The type-based security analyzer, SecJ, was developed by Naumann's PhD student Qi Sun [4] as part of his dissertation [3]. The prototype system is available online [6]. This work was funded by another NSF award, and in that project we also devised a technique called conditional gradual release (CGR) for specifying and verifying downgrading policies [2, 1]. However, it has not yet been implemented. This summer undergraduate research project will incorporate CGR policies and enforcement into SecJ. In particular, the student will continue development of the SecJ tool b

Year: 2011
OAI identifier: oai:CiteSeerX.psu:10.1.1.189.1119
Provided by: CiteSeerX