NICTA, Sydney, Australia
UNSW, Australia
We extend the range of security policies that can be guaranteed with proof-carrying code from the classical type safety, control safety, memory safety, and space/time guarantees to more general security policies, such as general resource and access control. We do so by means of (1) a specification logic for security policies, which is the past-time fragment of LTL, and (2) a synthesis algorithm generating reference monitor code and accompanying proof objects from formulae of the specification logic. To evaluate the feasibility of our approach, we developed a prototype implementation producing proofs in Isabelle/HOL.
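As an added illustration (not the paper's synthesis algorithm, its generated monitor code, or its Isabelle/HOL proof objects), the following Python sketch shows what a reference monitor determined by a past-time LTL formula looks like: the monitor keeps one boolean per subformula, updates them in constant time per event using the standard recursive semantics of the past-time operators (Y "yesterday", O "once", H "historically", S "since"), and reports at each step whether the policy still holds. The formula constructors, the two policy names (NO_SEND_AFTER_READ, BALANCED_RELEASE) and the sample event traces are hypothetical; no proof object is produced.

```python
"""Past-time LTL reference monitor, evaluated step by step over an event trace.

Added illustration, not the paper's synthesis algorithm or its Isabelle/HOL
output. Formula constructors, policy names and the sample traces below are
hypothetical.
"""
from typing import Dict, FrozenSet, List, Optional

Formula = tuple  # nested tuples: ("atom", name) | (op, child[, child])


def atom(p: str) -> Formula: return ("atom", p)
def neg(f: Formula) -> Formula: return ("not", f)
def conj(f: Formula, g: Formula) -> Formula: return ("and", f, g)
def disj(f: Formula, g: Formula) -> Formula: return ("or", f, g)
def implies(f: Formula, g: Formula) -> Formula: return disj(neg(f), g)
def yesterday(f: Formula) -> Formula: return ("Y", f)       # f held at the previous step
def once(f: Formula) -> Formula: return ("O", f)            # f held now or at some earlier step
def historically(f: Formula) -> Formula: return ("H", f)    # f held at every step so far
def since(f: Formula, g: Formula) -> Formula: return ("S", f, g)  # g held at some step, f at every step after it


def subformulas(f: Formula) -> List[Formula]:
    """Distinct subformulas in post-order, so children are evaluated before parents."""
    out: List[Formula] = []

    def walk(x: Formula) -> None:
        for child in x[1:]:
            if isinstance(child, tuple):
                walk(child)
        if x not in out:
            out.append(x)

    walk(f)
    return out


class PtLTLMonitor:
    """Reference monitor for one past-time LTL policy.

    The whole monitor state is the truth value of every subformula at the
    previous step; an event of the trace is the set of atoms true at that step.
    """

    def __init__(self, policy: Formula) -> None:
        self.policy = policy
        self.subs = subformulas(policy)
        self.prev: Optional[Dict[Formula, bool]] = None  # None before the first event

    def step(self, event: FrozenSet[str]) -> bool:
        """Consume one event and return whether the policy holds at this step."""
        first = self.prev is None
        prev = self.prev or {}
        now: Dict[Formula, bool] = {}
        for f in self.subs:
            op = f[0]
            if op == "atom":
                v = f[1] in event
            elif op == "not":
                v = not now[f[1]]
            elif op == "and":
                v = now[f[1]] and now[f[2]]
            elif op == "or":
                v = now[f[1]] or now[f[2]]
            elif op == "Y":   # no previous step at the start of the trace
                v = (not first) and prev[f[1]]
            elif op == "O":   # true now, or already true at the previous step
                v = now[f[1]] or ((not first) and prev[f])
            elif op == "H":   # true now and (vacuously) at all earlier steps
                v = now[f[1]] and (first or prev[f])
            elif op == "S":   # g now, or f now and (f S g) already at the previous step
                v = now[f[2]] or (now[f[1]] and (not first) and prev[f])
            else:
                raise ValueError(f"unknown operator {op!r}")
            now[f] = v
        self.prev = now
        return now[self.policy]


def check_trace(policy: Formula, trace: List[FrozenSet[str]]) -> List[bool]:
    """Policy verdict at every step of the trace."""
    m = PtLTLMonitor(policy)
    return [m.step(e) for e in trace]


def first_violation(policy: Formula, trace: List[FrozenSet[str]]) -> Optional[int]:
    """Index of the first step at which the monitor would deny the action, or None."""
    for i, ok in enumerate(check_trace(policy, trace)):
        if not ok:
            return i
    return None


# Access-control policy (hypothetical): once a secret has been read, no network send.
NO_SEND_AFTER_READ = implies(atom("send"), neg(once(atom("read_secret"))))
# Resource-control policy (hypothetical): a release is allowed only if, at the previous
# step, the resource had been acquired and not released since.
BALANCED_RELEASE = implies(atom("release"),
                           yesterday(since(neg(atom("release")), atom("acquire"))))

if __name__ == "__main__":
    # Constructed trace: open, read the secret, then try to send.
    trace = [frozenset({"open"}), frozenset({"read_secret"}), frozenset({"send"})]
    print(check_trace(NO_SEND_AFTER_READ, trace), first_violation(NO_SEND_AFTER_READ, trace))
```

Each step costs one pass over the fixed list of subformulas, so the monitor's cost is independent of the trace length, which is what makes a past-time fragment attractive for inline enforcement compared with full LTL.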
@inproceedings{Winwood_KC_06, address = {Venice, Italy}, author = {Simon Winwood and Gerwin Klein and Manuel Chakravarty}, booktitle = {Proceedings of the 16th International Symposium on Logic-Based Program Synthesis and Transformation}, isbn = {3-540-71409-X}, pages = {111--126}, paperurl = {https://trustworthy.systems/publications/papers/Winwood_KC_06.pdf}, publisher = {Springer}, series = {Lecture Notes in Computer Science}, title = {On the Synthesis of Proof-Carrying Temporal Reference Monitors}, volume = {4407}, year = {2006} }