Policies and Proofs for Code Auditing

نویسندگان

Nathan Whitehead

Jordan Johnson

Martín Abadi

چکیده

Both proofs and trust relations play a role in security decisions, in particular in determining whether to execute a piece of code. We have developed a language, called BCIC, for policies that combine proofs and trusted assertions about code. In this paper, using BCIC, we suggest an approach to code auditing that bases auditing decisions on logical policies and tools.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

The Audit Logic Policy Compliance in Distributed Systems

We present a distributed framework where agents can share data along with usage policies. We use an expressive policy language including conditions, obligations and delegation. Our framework also supports the possibility to refine policies. Policies are not enforced a-priori. Instead policy compliance is checked using an a-posteriri auditing approach. Policy compliance is shown by a (logical) p...

متن کامل

Mobile Resource Guarantees and Policies

This paper introduces notions of resource policy for mobile code to be run on smart devices, to integrate with the proof-carrying code architecture of the Mobile Resource Guarantees (MRG) project. Two forms of policy are used: guaranteed policies which come with proofs and target policies which describe limits of the device. A guaranteed policy is expressed as a function of a methods input size...

متن کامل

Tax Evasion and Auditing in a Federal Economy

This paper analyzes the relation between tax auditing and fiscal equalization in the context of fiscal competition. We incorporate a model of tax evasion by firms into a standard tax competition framework where regional governments use their audit rates as a strategic instrument to engage in fiscal competition. It is well known that in such a situation fiscal equalization can mitigate the ineff...

متن کامل

Presenting a model for optimized selection of certified public accountants based on compliance with code of ethics for professional accountants with personality trait approach

Abstract Personality is one of the ways to illustrate human’s characteristics which is usually related to some stable features and other hand Many research evidence regarding big five personal traits have been extended during the years. Current research presents a practical model for optimized selection of certified public accountants based on their personal traits. This study is of causal and ...

متن کامل

Strategic Audit Policies Without Commitment

This paper constructs and analyzes a simple model of auditing in which three principal issues are explored, namely: (i) The information contained in the report. An audit is a process of verification of a report of private information available to the reporter but not to the auditor. What information is contained in a report? Is it sufficient for the auditor to infer the private information exac...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2007

Policies and Proofs for Code Auditing

نویسندگان

چکیده

منابع مشابه

The Audit Logic Policy Compliance in Distributed Systems

Mobile Resource Guarantees and Policies

Tax Evasion and Auditing in a Federal Economy

Presenting a model for optimized selection of certified public accountants based on compliance with code of ethics for professional accountants with personality trait approach

Strategic Audit Policies Without Commitment

عنوان ژورنال:

اشتراک گذاری