Combining Different Proof Techniques for Verifying Information Flow Security
When giving a program access to secret information, one must ensure that the program does not leak the secrets to untrusted sinks. For reducing the complexity of such an information flow analysis, one can employ compositional proof techniques. In this article, we present a new approach to analyzing information flow security in a compositional manner. Instead of committing to a proof technique at the beginning of a verification, this choice is made during verification with the option of flexibly migrating to another proof technique. Our approach also increases the precision of compositional reasoning in comparison to the traditional approach. We illustrate the advantages in two exemplary security analyses, on the semantic level and on the syntactic level.
A Probabilistic Justification of the Combining Calculus under the Uniform Scheduler Assumption