31 research outputs found
Analysing Flow Security Properties in Virtualised Computing Systems
This paper studies the problem of reasoning about flow security properties in
virtualised computing networks with mobility from the perspective of formal
language. We propose a distributed process algebra CSP_{4v} with security
labelled processes for the purpose of formal modelling of virtualised computing
systems. Specifically, information leakage can come from observations on
process executions, communications and from cache side channels in the
virtualised environment. We describe a cache flow policy to identify such
flows. A type system of the language is presented to enforce the flow policy
and control the leakage introduced by observing behaviours of communicating
processes and behaviours of virtual machine (VM) instances during accessing
shared memory cache.
Formal verification of side-channel countermeasures using self-composition
Formal verification of cryptographic software implementations poses significant challenges for off-the-shelf tools. This is due to the domain-specific characteristics of the code, involving aggressive optimizations and non-functional security requirements, namely the critical aspect of countermeasures against side-channel attacks. In this paper, we extend previous results supporting the practicality of self-composition proofs of non-interference and generalizations thereof. We tackle the formal verification of high-level security policies adopted in the implementation of the recently proposed NaCl cryptographic library. We formalize these policies and propose a formal verification approach based on self-composition, extending the range of security policies that could previously be handled using this technique. We demonstrate our results by addressing compliance with the NaCl security policies in real-world cryptographic code, highlighting the potential for automation of our techniques. This work was partially supported by project SMART, funded by ENIAC Joint Undertaking (GA 120224).
Principals in Programming Languages: Technical Results
This is the companion technical report for "Principals in Programming Languages" [20]. See that document for a more readable version of these results. In this paper, we describe two variants of the simply typed λ-calculus extended with a notion of principal. The results are languages in which intuitive statements like "the client must call to obtain a file handle" can be phrased and proven formally. The first language is a two-agent calculus with references and recursive types, while the second language explores the possibility of multiple agents with varying amounts of type information. We use these calculi to give syntactic proofs of some type abstraction results that traditionally require semantic arguments.
Computer Security from a Programming Language and Static Analysis Perspective
A short survey on language-based computer security. Extended abstract of invited lecture.
Quantitative Strongest Post: A Calculus for Reasoning about the Flow of Quantitative Information
We present a novel strongest-postcondition-style calculus for quantitative
reasoning about non-deterministic programs with loops. Whereas existing
quantitative weakest pre allows reasoning about the value of a quantity after a
program terminates on a given initial state, quantitative strongest post allows
reasoning about the value that a quantity had before the program was executed
and reached a given final state. We show how strongest post enables reasoning
about the flow of quantitative information through programs. Similarly to
weakest liberal preconditions, we also develop a quantitative strongest liberal
post. As a byproduct, we obtain the entirely unexplored notion of strongest
liberal postconditions and show how these foreshadow a potential new program
logic - partial incorrectness logic - which would be a more liberal version of
O'Hearn's recent incorrectness logic.