Safe, Untrusted Agents Using Proof-Carrying Code
نویسندگان
چکیده
Proof-Carrying Code (PCC) enables a computer system to determine, automatically and with certainty, that program code provided by another system is safe to install and execute without requiring interpretation or run-time checking. PCC has applications in any computing system in which the safe, eecient, and dynamic installation of code is needed. The key idea of Proof-Carrying is to attach to the code an easily-checkable proof that its execution does not violate the safety policy of the receiving system. This paper describes the design and a typical implementation of Proof-Carrying Code, where the language used for specifying the safety properties is rst-order predicate logic. Examples of safety properties that are covered in this paper are memory safety and compliance with data access policies, resource usage bounds, and data abstraction boundaries.
منابع مشابه
Proof Carrying Code
Proof-Carrying Code (PCC) is a technique that can be used for safe execution of untrusted code. In a typical instance of PCC, a code receiver establishes a set of safety rules that guarantee safe behavior of programs, and the code producer creates a formal safety proof that proves, for the untrusted code, adherence to the safety rules. Then, the receiver is able to use a simple and fast proof v...
متن کاملProofs of Safety for Untrusted Code
Proof-carrying code is a technique that can be used to execute untrusted code safely. A code consumer speci es requirements and safety rules which de ne the safe behavior of a system, and a code producer packages each program with a formal proof that the program satis es the requirements. The consumer uses a fast proof validator to check that the proof is correct, and hence the program is safe....
متن کاملProof-Carrying Code for x86 Architectures
This paper presents an extension of Necula and Lee’s Proof-Carrying Code (PCC) system to support the x86 architecture. PCC is a security scheme which allows the safe execution of untrusted code. Untrusted code to be executed is required to be coupled with a proof that the code satisfies certain safety properties. This code-proof pair is statically checked by the client system prior to execution...
متن کاملPrograms from Proofs - Approach and Applications
Proof-carrying code approaches aim at the safe execution of untrusted code by having the code producer attach a safety proof to the code which the code consumer only has to validate. Depending on the type of safety property, proofs can however become quite large and their validation though faster than their construction still time consuming. Programs from Proofs is a new concept for the safe ex...
متن کاملSharing in Typed Module Assembly Language
There is a growing need to provide low-overhead software-based protection mechanisms to protect against malicious or untrusted code. Type-based approaches such as proof-carrying code and typed assembly language provide this protection by relying on untrusted compilers to certify the safety properties of machine language programs. Typed Module Assembly Language (TMAL) is an extension of typed as...
متن کامل