Formalizing non-interference for a simple bytecode language in Coq

Formal Aspects of Computing

Volumn 20, Issue 3, 2008, Pages 259-275

  Kammüller, Florian ^a  

^a TECHNISCHE UNIVERSITÄT BERLIN   (Germany)

Author keywords

Formal methods for security; Interactive theorem proving; Modular specification; Programming language analysis

Indexed keywords

CODES (SYMBOLS); FORMAL METHODS; SECURITY OF DATA; THEOREM PROVING;

BYTECODES; INTERACTIVE THEOREM PROVING;

JAVA PROGRAMMING LANGUAGE;

EID: 43449093752     PISSN: 09345043     EISSN: 1433299X     Source Type: Journal    
DOI: 10.1007/s00165-007-0055-2     Document Type: Article

References (44)

1. Andronick J, Chetali B, Ly O (2003) Using Coq to verify Java Card Applet Isolation Properties. Theorem proving in higher order logics, TPHOLs'03. LNCS, vol 2758. Springer, Heidelberg
2. Bicolano and MOBIUS base logic. http://mobius.inria.fr/twiki/bin/view/ Bicolano, 2007
3. Banerjee A, Naumann DA (2003) Stack-based access control for secure information flow. J Funct Program 15(2):131-177
4. Barthe G, Basu A, Rezk T (2004) Security types preserving compilation. Verification, model checking, and abstract interpretation, VMCAI'04. LNCS, vol 2934. Springer, Heidelberg
5. Barthe G, Dufay G (2004) A Tool-assisted framework for certified bytecode verification. Fundamental approaches to software engineering, FASE 2004. LNCS, vol 2984. Springer, Heidelberg
6. Barthe G, Kammüller F (2005) Certified bytecode verifier for non-interference. Technical Report, INRIA Sophia-Antipolis
7. Bell DE, LaPadula LJ (1996) Secure Computer systems: a mathematical model. Technical Report MTR-2547(2), MITRE Corp. Bedford, 1973. Reprinted in J Comput Secur 4(2-3):239-263. IOS Press
8. Bertot Y, Castéran P (2004) Interactive theorem proving and program development-Coq'art: the calculus of inductive constructions. Springer, Heidelberg
9. Chen Z (2000) Java card technology for smart cards: architecture and programmer's guide. Addison Wesley, Reading
10. National Institute of Standards and Technology (2005) Common criteria for information technology security evaluation. US Department of Commerce, National Bureau of Standards and Technology. http://csrc.nist.gov/cc
11. Chrzaszcz J (2003) Implementing modules in the Coq system. In: Theorem proving in higher order logics, TPHOLs 2003. LNCS, vol 2758. Springer, Heidelberg, pp 270-286
12. Church A (1940) A formulation of the simple theory of types. J Symb Logic 5(2):56-68
13. Coquand T, Paulin-Mohring C (1990) Inductively defined types. In: Martin-Löf P, Mints G (eds) International conference in computer logic, Colog'88. LNCS, vol 417. Springer, Heidelberg
14. Coq Development Team (2004) The Coq proof assistant user's guide. Version 8.0
15. Denning DE, Denning PJ (1977) Certification of programs for secure information flow. Commun ACM 20(7):504-513
16. Dufay G (2003) Vérification Formelle de la Plate-Forme Java Card. Thèse de Doctorat. Université de Nice Sophia-Antipolis
17. Fenton JS (1973) Information protection systems. PhD Thesis, University of Cambridge
18. Goguen J, Meseguer J (1982) Security policies and security models. In: Proceedings of symposium on operating system principles, SOSP'82. IEEE Computer Society Press, New York, pp 11-22
19. Härtel PH, Moreau L (2001) Formalising the Safety of Java, the Java Virtual Machine and Java Card. ACM Comput Surv (CSUR) 33(4):517-558
20. Howard WA (1980) The formulae-as-types notion of construction. In: Seldin JP, Hindley JR (eds) To H.B. Curry: Essays on combinatory logic, lambda-calculus, and formalism. Academic, NY, pp 479-490
21. Joshi R, Leino KRM (2000) A semantic approach to secure information flow. Sci Comput Programm 37:113-138
22. Kammüller F (1999) Modular reasoning in isabelle. PhD thesis, Computer Laboratory, University of Cambridge, Technical Report 470
23. Kammüller F. http://www.swt.cs.tu-berlin.de/~flokam/coq/index.html
24. Kammüller F, Paulson LC (1999) A formal proof of Sylow's first theorem-an experiment in abstract algebra with isabelle HOL. J Autom Reason 23(3):235-264
25. Klein G, Nipkow T (2002) Verified bytecode verifiers. Theor Comput Sci 298(3):583-626
26. Leroy X (2003) Java bytecode verification: algorithms and formalizations. J Autom Reason Special Issue Bytecode Verif 30(3-4):235-269
27. MacQueen DB (1986) Using dependent types to express modular structures. In: Proceedings of 13th ACM symposium on principles of programming languages, POPL'96. Association for Computing Machinery
28. Mobius: Mobility, Ubiquity and Security (2007). http://mobius.inria.fr/ twiki/bin/view/Mobius
29. Mosses PD (1999) Foundations of modular SOS. In: Mathematical Foundations of Computer Science, MFCS'99. LNCS, vol 1672. Springer, Heidelberg
30. Naumann DA (2005) Verifying a secure information flow analyzer. Theorem proving in higher order logics, TPHOLs'05, Oxford 2005. LNCS, vol 3603. Springer, Heidelberg
31. Necula GC, Lee P (1996) Safe Kernel extensions without run-time checking. In: Proceedings of 2nd USENIX symposium on operating systems design and implementation (OSDI). October 1996. Operating systems review, Special Issue, ACM, 1996 and USENIX Association, New York, pp 229-243
32. Nelson PA (1979) A Comparison of Pascal intermediate languages. ACM SIGPLAN Notices 14(8):208-213
33. Oheimb Dv (2001) Analyzing Java in Isabelle/HOL: formalization, type safety and hoare logic. PhD Thesis, Technische Universität München
34. Oheimb Dv (2004) Information flow control revisited: Noninfluence = Noninterference + Nonleakage. In: 9th European symposium on research in computer security, ESORICS'04. LNCS, vol 3193. Springer, Heidelberg
35. Oheimb Dv, Nipkow T (1999) Machine-checking the Java language specification: proving type-safety. In: Alves-Foss J (ed) Formal syntax and semantics of Java. LNCS, vol 1523. Springer, Heidelberg, pp 119-156
36. Pierce B (2002) Types and programming languages. Wiley, New York
37. Rushby J (1992) Noninterference, transitivity, and channel-control security policies. Technical Report csl-92-2, SRI, Palo Alto
38. Sabelfeld A, Myers A (2003) Language-based information-flow security. Selected Areas Commun 21:5-19
39. Seldin JP, Hindley JR (eds) (1980) To H B Curry: essays on combinatory logic. Academic, New York
40. Stärk R, Schmid J, Börger E (2001) Java and the Java virtual machine: definition, verification, validation. Springer, Heidelberg
41. Strecker M (2003) Formal analysis of an information flow type system for MicroJava (extended version). Technical Report, Technische Universität München
42. Thompson S (1991) Type theory and functional programming. Addison-Wesley, Reading
43. Tuch H, Klein G, Norrish M (2007) Types, bytes, and separation logic. In: Principles of programming languages, POPL'07. ACM SIGPLAN 42(1), Association for Computing Machinery
44. Wirth N (1976) Algorithms + Datastructures = Programs. Prentice Hall, New Jersey