An Extended Proof-Carrying Code Framework for Security Enforcement
نویسندگان
چکیده
The rapid growth of the Internet has resulted in increased attention to security to protect users from being victims of security threats. In this paper, we focus on security mechanisms that are based on Proof-Carrying Code (PCC) techniques. In a PCC system, a code producer sends a code along with its safety proof to the consumer. The consumer executes the code only if the proof is valid. Although PCC has been shown to be a useful security framework, it suffers from the sheer size of typical proofs -proofs of even small programs can be considerably large. In this paper, we propose an extended PCC framework (EPCC) in which, instead of the proof, a proof generator for the program in question is transmitted. This framework enables the execution of the proof generator and the recovery of the proof on the consumer’s side in a secure manner using a newly created virtual machine called the VEP (Virtual Machine for Extended PCC).
منابع مشابه
Integration of a Security Type System into a Program Logic
Type systems and program logics are often conceived to be at opposing ends of the spectrum of formal software analyses. In this paper we show that a flow-sensitive type system ensuring non-interference in a simple while language can be expressed through specialised rules of a program logic. In our framework, the structure of non-interference proofs resembles the corresponding derivations in a r...
متن کاملA Semantic Model of Types and Machine Instructions for Proof-Carrying Code
Proof-carrying code is a framework for proving the safety of machine-language programs with a machinecheckable proof. Such proofs have previously defined type-checking rules as part of the logic. We show a universal type framework for proof-carrying code that will allow a code producer to choose a programming language, prove the type rules for that language as lemmas in higher-order logic, then...
متن کاملA new security proof for FMNV continuous non-malleable encoding scheme
A non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. The main idea behind non-malleable coding is that the adversary should not be able to obtain any valuable information about the message. Non-malleable codes are used in tamper-resilient cryptography and protecting memories against tampering attacks. Many different types of non-malleability have alre...
متن کاملTowards Practical Functional Programming with Logical Frameworks Extended version
In this paper we show that the logical framework LF [6] extended by Σ-types serves as an excellent candidate for the representation of special purpose domains that are best encoded using higher-order abstract syntax and hypothetical judgments. It has an elegant meta-theory and Σ-types prove enormously useful in the design of a functional programming language Delphin that permits programmers to ...
متن کاملType-preserving Compilation for End-to-end Verification of Security Enforcement
A number of programming languages use rich type systems to verify security properties of code. Some of these languages are meant for source programming, but programs written in these languages are compiled without explicit security proofs, limiting their utility in settings where proofs are necessary, e.g., proof-carrying authorization. Others languages do include explicit proofs, but these are...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Trans. Computational Science
دوره 11 شماره
صفحات -
تاریخ انتشار 2010