167,302 research outputs found
Footprints in Local Reasoning
Local reasoning about programs exploits the natural local behaviour common in
programs by focussing on the footprint - that part of the resource accessed by
the program. We address the problem of formally characterising and analysing
the footprint notion for abstract local functions introduced by Calcagno, O
Hearn and Yang. With our definition, we prove that the footprints are the only
essential elements required for a complete specification of a local function.
We formalise the notion of small specifications in local reasoning and show
that for well-founded resource models, a smallest specification always exists
that only includes the footprints, and also present results for the
non-well-founded case. Finally, we use this theory of footprints to investigate
the conditions under which the footprints correspond to the smallest safe
states. We present a new model of RAM in which, unlike the standard model, the
footprints of every program correspond to the smallest safe states, and we also
identify a general condition on the primitive commands of a programming
language which guarantees this property for arbitrary models.Comment: LMCS 2009 (FOSSACS 2008 special issue
Forensically-Sound Analysis of Security Risks of using Local Password Managers
Password managers have been developed to address the human challenges associated with password security, i.e., to solve usability issues in a secure way. They offer, e.g., features to create strong passwords, to manage the increasing number of passwords a typical user has, and to auto-fill passwords, sparing users the hassle of not only remembering but also typing them. Previous studies have focused mainly on the security analysis of cloud-based and browser-based password managers; security of local password managers remains mostly under-explored. This paper takes a forensic approach and reports on a case study of three popular local password managers: KeePass (v2.28), Password Safe (v3.35.1) and RoboForm (v7.9.12). Results revealed that either the master password or the content of the password database could be found unencrypted in Temp folders, Page files or Recycle bin, even after the applications had been closed. Therefore, an attacker or malware with temporary access to the computer on which the password managers were running may be able to steal sensitive information, even though these password managers are meant to keep the databases encrypted and protected at all times
Linearizability with Ownership Transfer
Linearizability is a commonly accepted notion of correctness for libraries of
concurrent algorithms. Unfortunately, it assumes a complete isolation between a
library and its client, with interactions limited to passing values of a given
data type. This is inappropriate for common programming languages, where
libraries and their clients can communicate via the heap, transferring the
ownership of data structures, and can even run in a shared address space
without any memory protection. In this paper, we present the first definition
of linearizability that lifts this limitation and establish an Abstraction
Theorem: while proving a property of a client of a concurrent library, we can
soundly replace the library by its abstract implementation related to the
original one by our generalisation of linearizability. This allows abstracting
from the details of the library implementation while reasoning about the
client. We also prove that linearizability with ownership transfer can be
derived from the classical one if the library does not access some of data
structures transferred to it by the client
Ram Essential
The underlying causes of food insecurity are complex and often intertwined with related issues that affect a student’s ability to meet even basic needs, such as housing, employment and health care, forcing them to choose between their well-being and their education. The latest Hunger in America report finds that about 10 percent of Feed America’s 46.5 million adult clients are college students. That equates to 2 million full-time college students. “Of those surveyed by the emergency food services network, roughly 30.5 percent of students reported that they were forced to choose between food and educational expenses at some point over the last year.”1 In response, colleges and universities, including VCU, have sprung into action, and the number of campus food pantries at higher educational institutions has risen from a handful in 2009 to more than 500 in 2017.2 But changing food insecurity to food security goes beyond providing just food. It involves a comprehensive approach to providing resources that address the causes and results of being food insecure. Ram Essentials is a holistic approach to addressing basic needs insecurity among VCU students by asking the question, What is essential for our students to be successful? The project focuses on raising the awareness of all existing VCU resources and disseminating them widely through a single user-friendly portal to enhance students’ experience, academic achievement and physical and mental well-being
- …