From system F to typed assembly language

Morrisett, Greg; Walker, David; Crary, Karl; Glew, Neal

doi:10.1145/268946.268954

Cited by 305 publications

(224 citation statements)

References 47 publications

Supporting

Mentioning

221

Contrasting

Unclassified

Order By: Relevance

“…TAL [4,11] adds types to assembly programs and certifies Certified assembly programming (CAP) [6,8] certifies safety properties of assembly programs with preconditions. Both of these two systems use the continuation passing style to understand the whole assembly program.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

See 1 more Smart Citation

Certifying assembly programs with trails

Wang

2011

Front. Comput. Sci. China

View full text Add to dashboard Cite

In this paper, we introduce a new way of certifying assembly programs. Unlike previous program logics, we extract the control-flow information from the code and generate an intermediate trail between the specification and the real code. Trails are auxiliary specifications and treated as modules in the certification process. We define a simple modular program logic called trail-based certified assembly programming (TCAP) to certify and link different parts of a program using the corresponding trails. Because the control flow information in trails is explicit, the rules are easier to design. We show that our logic is powerful enough to prove partial correctness of assembly programs with features including stack-based abstractions and self-modifying code. We also provide a semantics for TCAP and prove that the logic is sound with respect to the semantics.

show abstract

Section: Related Work and Conclusionmentioning

confidence: 99%

“…Since high-level languages are compiled to machine code to execute, and it is hard to prove that a compiler with complex optimizations produces correct machine code from verified high-level-language programs, verifying properties directly at the assembly level has been a commonly used approach over the last ten years [3][4][5].…”

Section: Introductionmentioning

confidence: 99%

Certifying assembly programs with trails

Wang

2011

Front. Comput. Sci. China

View full text Add to dashboard Cite

show abstract

“…Other work on security in programming languages has focused on ensuring safety properties of untrusted code [31,30,24] and preventing unwanted security flows in programs [13,27,42,33]. Sabelfeld and Myers [35] provide an excellent overview of work in language-based information-flow security.…”

Section: Related Workmentioning

confidence: 99%

An End-To-End Approach to Distributed Policy Language Implementation

Chothia

Duggan

2007

Electronic Notes in Theoretical Computer Science

View full text Add to dashboard Cite

Language-based security approaches to access control and information flow control must at some point rely on a language for expressing policies. However there will in general be several choices for the correct policy language for any given application, and several choices for the implementation of a policy language in a given domain. This article considers an approach to implementing the policy language at the application level, relying on trusted cryptographic libraries whose interface security guarantees are used to verify the correctness of the policy language implementation. using these libraries, they are implicitly enforcing security policies for the data is being exchanged. This policy is often unstated, or only stated informally in program comments. If these security policies are stated in a suitably formal policy language, then adherence to these policies may be verified, often using automatic or semiautomatic techniques.One particular approach, exemplified by language-based security, is to express the policies in a policy language that is incorporated into the type system. Typechecking then provides an avenue for checking the correct manipulation of data according to the security policies expressed in program types. These security policies can then be related to the cryptographic libraries used to secure network communications, via typed APIs for cryptographic operations that express the security guarantees these operations are intended to enforce (e.g., encryption for secrecy, digital signing for integrity).An obvious issue that needs to be addressed is the form of the policy language that is used in the type system to express security policies. The problem is that any policy language will inevitably (and in fact fairly quickly) run into applications for which is it inadequate. For example, the JIF language [26,25,28] incorporates a policy language based on sets of access control lists (ACLs), augmented with a form of delegation of principal rights. An obvious extension to consider for the JIF policy language is some form of role-based access control (RBAC), including some notion of delegation of role-based rights [7]. But even if one just considers the extension with role-based access control, there are many variations on RBAC that could be added. The RT family of languages by Li et al [22,23] is a good candidate for such a policy language, since it appears to be the closest to a "universal" language for distributed RBAC (i.e., with delegation). But there are numerous variations in the RT family, and presumably more variations still to be proposed. Furthermore there are new policy languages being constantly proposed that go beyond RBAC and delegation, such as policy languages where principals share control of access to resources.Rather than committing to a single policy language for all applications, an "endto-end" approach would allow individual applications to define their own policy languages, or to choose from a library of possible policy languages. Rather than committing to a particular policy la...

show abstract

“…Recent approaches to mobile code safety involve associating safety information in the form of a certificate to programs [13,11,12]. The certificate (or proof) is created at compile time, and packaged along with the untrusted code.…”

Section: Introductionmentioning

confidence: 99%

An Abstract Interpretation-based Approach to Mobile Code Safety

Albert

Puebla

Hermenegildo

2005

Electronic Notes in Theoretical Computer Science

View full text Add to dashboard Cite

Recent approaches to mobile code safety, like proof-carrying code, involve associating safety information to programs. The code supplier provides a program and also includes with it a certificate (or proof ) whose validity entails compliance with a predefined safety policy. The intended benefit is that the program consumer can locally validate the certificate w.r.t. the "untrusted" program by means of a certificate checker-a process which should be much simpler, efficient, and automatic than generating the original proof. We herein introduce a novel approach to mobile code safety which follows a similar scheme, but which is based throughout on the use of abstract interpretation techniques. In our framework the safety policy is specified by using an expressive assertion language defined over abstract domains. We identify a particular slice of the abstract interpretation-based static analysis results which is especially useful as a certificate. The validity of the certificate on the consumer side is checked by a very simplified and efficient specialized abstract-interpreter. Our ideas are illustrated through an example implemented in the context of constraint logic programs, using the CiaoPP system. Though further experimentation is still required, we believe the proposed approach is of interest for bringing the automation and expressiveness which is inherent in the abstract interpretation techniques to the area of mobile code safety.

show abstract

From system F to typed assembly language

Cited by 305 publications

References 47 publications

Certifying assembly programs with trails

Certifying assembly programs with trails

An End-To-End Approach to Distributed Policy Language Implementation

An Abstract Interpretation-based Approach to Mobile Code Safety

Contact Info

Product

Resources

About