Jakarta: A Toolset for Reasoning about JavaCard

Barthe, Gilles; Dufay, Guillaume; Huisman, Marieke; Sousa, Simão Melo de

doi:10.1007/3-540-45418-7_2

Cited by 21 publications

(15 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, we have illustrated the usefulness of our package in reasoning about the JavaCard platform. This positive experience supports the claim laid in [2] that proofs of correctness of the JavaCard platform can be automated to a large extent and indicates that proof assistants could provide a viable approach to validate novel type systems for future versions of Javacard.…”

Section: Resultssupporting

confidence: 69%

See 1 more Smart Citation

Efficient Reasoning about Executable Specifications in Coq

Barthe

Courtieu

2002

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We describe a package to reason efficiently about executable specifications in Coq. The package provides a command for synthesizing a customized induction principle for a recursively defined function, and a tactic that combines the application of the customized induction principle with automatic rewriting. We further illustrate how the package leads to a drastic reduction (by a factor of 10 approximately) of the size of the proofs in a large-scale case study on reasoning about JavaCard.

show abstract

Section: Resultssupporting

confidence: 69%

“…We would like to introduce functions using the format of conditional rewriting rules of [2]. Indeed, this format, which can be automatically translated into Coq (provided the guard conditions are satisfied), lead to more readable specifications, especially for partial functions.…”

Section: Extensionsmentioning

confidence: 99%

Efficient Reasoning about Executable Specifications in Coq

Barthe

Courtieu

2002

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Term rewriting has been used to model a variety of problems in security, from the analysis of security protocols (see, for example, [12,37,60]) to the definition of policies for controlling information leakage [36]. On access control specifically, Koch et al [48] use graph transformation rules to formalise RBAC, and more recently, [10,59,21] use term rewrite rules to model particular access control models and to express access control policies.…”

Section: Related Workmentioning

confidence: 99%

A metamodel of access control for distributed environments: Applications and properties

Bertolissi

Fernández

2014

Information and Computation

View full text Add to dashboard Cite

We describe a metamodel for access control, designed to take into account the specific requirements of distributed environments. We see a distributed system consisting of several sites, each with its own resources to protect, as a federation, and propose a framework for the specification (and enforcement) of global access control policies that take into account the local policies specified by each member of the federation. The framework provides mechanisms to specify heterogeneous local access control policies, to define policy composition operators, and to use them to define conflict-free access authorisation decisions. We use a declarative formalism in order to give an operational semantics to the distributed metamodel. We then show how properties of policies can be directly obtained from standard results for the operational semantics of access request evaluation.

show abstract

“…The first attempts to develop formal theories to define and validate security policies (see, for instance, [16]) have used first-order theorem provers, purpose-built logics, or flow-analysis, but these approaches have limitations (as discussed for instance in [24]). More recently, rewriting techniques have been fruitfully exploited in the context of security protocols (see [6,22,2]), security policies controlling information leakage (see [21]), and access control policies (see [35,12]). Along these lines, rewriting systems appear to be well adapted for providing a semantics for distributed access control mechanisms.…”

Section: Introductionmentioning

confidence: 99%

Rewrite Specifications of Access Control Policies in Distributed Environments

Bertolissi

Fernández

2011

Security and Trust Management

View full text Add to dashboard Cite

Abstract. We define a metamodel for access control that takes into account the requirements of distributed environments, where resources and access control policies may be distributed across several sites. This distributed metamodel is an extension of the category-based metamodel proposed in previous work (from which standard centralised access control models such as MAC, DAC, RBAC, Bell-Lapadula, etc. can be derived). We use a declarative formalism in order to give an operational semantics to the distributed metamodel. We then show how various distributed access control models can be derived as instances of the distributed metamodel, including distributed models where each site implements a different kind of local access control model.

show abstract

Jakarta: A Toolset for Reasoning about JavaCard

Cited by 21 publications

References 21 publications

Efficient Reasoning about Executable Specifications in Coq

Efficient Reasoning about Executable Specifications in Coq

A metamodel of access control for distributed environments: Applications and properties

Rewrite Specifications of Access Control Policies in Distributed Environments

Contact Info

Product

Resources

About