2,266 research outputs found
A Denotational Semantics for Communicating Unstructured Code
An important property of programming language semantics is that they should
be compositional. However, unstructured low-level code contains goto-like
commands making it hard to define a semantics that is compositional. In this
paper, we follow the ideas of Saabas and Uustalu to structure low-level code.
This gives us the possibility to define a compositional denotational semantics
based on least fixed points to allow for the use of inductive verification
methods. We capture the semantics of communication using finite traces similar
to the denotations of CSP. In addition, we examine properties of this semantics
and give an example that demonstrates reasoning about communication and jumps.
With this semantics, we lay the foundations for a proof calculus that captures
both, the semantics of unstructured low-level code and communication.Comment: In Proceedings FESCA 2015, arXiv:1503.0437
Towards Formal Interaction-Based Models of Grid Computing Infrastructures
Grid computing (GC) systems are large-scale virtual machines, built upon a
massive pool of resources (processing time, storage, software) that often span
multiple distributed domains. Concurrent users interact with the grid by adding
new tasks; the grid is expected to assign resources to tasks in a fair,
trustworthy way. These distinctive features of GC systems make their
specification and verification a challenging issue. Although prior works have
proposed formal approaches to the specification of GC systems, a precise
account of the interaction model which underlies resource sharing has not been
yet proposed. In this paper, we describe ongoing work aimed at filling in this
gap. Our approach relies on (higher-order) process calculi: these core
languages for concurrency offer a compositional framework in which GC systems
can be precisely described and potentially reasoned about.Comment: In Proceedings DCM 2013, arXiv:1403.768
Composition and Declassification in Possibilistic Information Flow Security
Formal methods for security can rule out whole classes of security vulnerabilities, but applying them in practice remains challenging. This thesis develops formal verification techniques for information flow security that combine the expressivity and scalability strengths of existing frameworks. It builds upon Bounded Deducibility (BD) Security, which allows specifying and verifying fine-grained policies about what information may flow when to whom. Our main technical result is a compositionality theorem for BD Security, providing scalability by allowing us to verify security properties of a large system by verifying smaller components. Its practical utility is illustrated by a case study of verifying confidentiality properties of a distributed social media platform. Moreover, we discuss its use for the modular development of secure workflow systems, and for the security-preserving enforcement of safety and security properties other than information flow control
CoSMeDis : a distributed social media platform with formally verified confidentiality guarantees
We present the design, implementation and information flow verification of CoSMeDis, a distributed social media platform. The system consists of an arbitrary number of communicating nodes, deployable at different locations over the Internet. Its registered users can post content and establish intra-node and inter-node friendships, used to regulate access control over the posts. The system's kernel has been verified in the proof assistant Isabelle/HOL and automatically extracted as Scala code. We formalized a framework for composing a class of information flow security guarantees in a distributed system, applicable to input/output automata. We instantiated this framework to confidentiality properties for CoSMeDis's sources of information: posts, friendship requests, and friendship status
CoSMeDis: a distributed social media platform with formally verified confidentiality guarantees
We present the design, implementation and information flow verification of CoSMeDis, a distributed social media platform. The system consists of an arbitrary number of communicating nodes, deployable at different locations over the Internet. Its registered users can post content and establish intra-node and inter-node friendships, used to regulate access control over the posts. The system’s kernel has been verified in the proof assistant Isabelle/HOL and automatically extracted as Scala code. We formalized a framework for composing a class of information flow security guarantees in a distributed system, applicable to input/output automata. We instantiated this framework to confidentiality properties for CoSMeDis’s sources of information: posts, friendship requests, and friendship status
- …