Refinement types for secure implementations

Proceedings - IEEE Computer Security Foundations Symposium

Volumn , Issue , 2008, Pages 17-32

  Bengtson, Jesper ^a   Bhargavan, Karthikeyan ^b   Fournet, Cédric ^b   Gordon, Andrew D ^b   Maffeis, Sergio ^c  

^a UPPSALA UNIVERSITY   (Sweden)

^b MICROSOFT RESEARCH   (United States)

^c UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER SECURITY; CRYPTOGRAPHIC PROTOCOLS; SOURCE CODING;

ACCESS CONTROL; CODES (SYMBOLS); COMPUTER NETWORKS; FOUNDATIONS; MACHINE DESIGN; SECURITY OF DATA; SECURITY SYSTEMS;

CRYPTOGRAPHY;

EID: 51749098783     PISSN: 19401434     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2008.27     Document Type: Conference Paper

References (51)

1. M. Abadi. Access control in a core calculus of dependency. In International Conference on Functional Programming (ICFP'06), 2006.
2. M. Abadi. Secrecy by typing in security protocols. JACM, 46(5):749-786, Sept. 1999.
3. M. Abadi and B. Blanchet. Analyzing security protocols with secrecy types and logic programs. JACM, 52(1):102-146, 2005.
4. M. Abadi and C. Fournet. Access control based on execution history. In 10th Annual Network and Distributed System Symposium (NDSS'03). Internet Society, February 2003.
5. M. Abadi and A. D. Gordon. A calculus for cryptographic protocols: The spi calculus. Information and Computation, 148:1-70, 1999.
6. M. Abadi and R. Needham. Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering, 22(1):6-15, 1996.
7. M. Abadi, M. Burrows, B. Lampson, and G. Plotkin. A calculus for access control in distributed systems. ACMTOPLAS, 15(4):706-734, 1993.
8. A. Askarov, D. Hedin, and A. Sabelfeld. Cryptographicallymasked flows. In Static Analysis Symposium, volume 4134 of LNCS, pages 353-369. Springer, 2006.
9. D. Aspinall and A. Compagnoni. Subtyping dependent types. TCS, 266(1-2):273-309, 2001.
10. M. Barnett, M. Leino, and W. Schulte. The Spec# programming system: An overview. In CASSIS'05, volume 3362 of LNCS, pages 49-69. Springer, January 2005.
11. K. Bhargavan, C. Fournet, A. D. Gordon, and S. Tse. Verified interoperable implementations of security protocols. Technical Report MSR-TR-2006-46, Microsoft Research, 2007. See also CSFW'06 and WS-FM'06.
12. B. Blanchet. An efficient cryptographic protocol verifier based on Prolog rules. In IEEE Computer Security Foundations Workshop (CSFW'01), pages 82-96, 2001.
13. B. Blanchet, M. Abadi, and C. Fournet. Automated verification of selected equivalences for security protocols. Journal of Logic and Algebraic Programming, 75(1):3-51, 2008.
14. L. Cardelli. Typechecking dependent types and subtypes. In Foundations of Logic and Functional Programming, volume 306 of LNCS, pages 45-57. Springer, 1986.
15. A. Cirillo, R. Jagadeesan, C. Pitcher, and J. Riely. Do As I SaY! Programmatic access control with explicit identities. In IEEE Computer Security Foundations Symposium (CSF'07), pages 16-30, 2007.
16. D. R. Cok and J. Kiniry. ESC/Java2: Uniting ESC/Java and JML. In CASSIS'05, volume 3362 of LNCS, pages 108-128. Springer, 2004.
17. L. de Moura and N. Bjørner. Z3: An efficient SMT solver. In Tools and Algorithms for the Construction and Analysis of Systems (TACAC'08), volume 4963 of LNCS, pages 337-340. Springer, 2008.
18. D. Detlefs, G. Nelson, and J. Saxe. Simplify: A theorem prover for program checking. JACM, 52(3):365-473, 2005.
19. D. Dolev and A. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, IT-29(2):198-208, 1983.
20. D. Eastlake, J. Reagle, D. Solo, M. Bartel, J. Boyer, B. Fox, B. LaMacchia, and E. Simon. XML-Signature Syntax and Processing, 2002. W3C Recommendation, at http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/.
21. J.-C. Filliâtre. Why: a multi-language multi-prover verification condition generator, http://why.lri.fr/, 2003.
22. C. Flanagan, K. R. M. Leino, M. Lillibridge, G. Nelson, J. B. Saxe, and R. Stata. Extended static checking for Java. SIGPLAN Not., 37(5):234-245, 2002.
23. C. Fournet and T. Rezk. Crypto graphically sound implementations for typed information-flow security. In 35th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'08), pages 323-335, Jan. 2008.
24. C. Fournet, A. D. Gordon, and S. Maffeis. A type discipline for authorization policies. ACM TOPLAS, 29(5), 2007a. In press.
25. C. Fournet, A. D. Gordon, and S. Maffeis. A type discipline for authorization policies in distributed systems. In 20th IEEE Computer Security Foundations Symposium (CSF'07), pages 31-45, 2007b.
26. T. Freeman and F. Pfenning. Refinement types for ML. In Programming Language Design and Implementation (PLDI'91), pages 268-277. ACM, 1991.
27. A. D. Gordon and A. S. A. Jeffrey. Cryptyc: Cryptographic protocol type checker. At http://cryptyc.cs.depaul.edu/, 2002.
28. A. D. Gordon and A. S. A. Jeffrey. Authenticity by typing for security protocols. Journal of Computer Security, 11(4):451-521, 2003a.
29. A. D. Gordon and A. S. A. Jeffrey. Types and effects for asymmetric cryptographic protocols. Journal of Computer Security, 12(3/4):435-484, 2003b.
30. J. Goubault-Larrecq and F. Parrennes. Cryptographic protocol analysis on real C code. In VMCAI'05, pages 363-379, 2005.
31. J. Gronski, K. Knowles, A. Tomb, S. N. Freund, and C. Flanagan. Sage: Hybrid checking for flexible specifications. In R. Findler, editor, Scheme and Functional Programming Workshop, pages 93-104, 2006.
32. C. Gunter. Semantics of programming language. MIT Press, 1992.
33. E. Hubbers, M. Oostdijk, and E. Poll. Implementing a formally verifiable security protocol in Java Card. In Security in Pervasive Computing, pages 213-226, 2003.
34. J. H. Morris, Jr. Protection in programming languages. Commun. ACM, 16(1):15-21, 1973.
35. A. C. Myers. JFlow: Practical mostly-static information flow control. In ACM Symposium on Principles of Programming Languages (POPL'99), pages 228-241, 1999.
36. A. Nadalin, C. Kaler, P. Hallam-Baker, and R. Monzillo. OASIS Web Services Security: SOAP Message Security 1.0 (WS-Security 2004), Mar. 2004. At http://www.oasis-open.org/committees/download.php/5941/oasis-200401-wss-soap- message-security-1.0.pdf.
37. R. Needham and M. Schroeder. Using encryption for authentication in large networks of computers. Commun. ACM, 21(12):993-999, 1978.
38. B. Pierce and D. Sangiorgi. Typing and subtyping for mobile processes. Mathematical Structures in Computer Science, 6(5):409-454, 1996.
39. E. Poll and A. Schubert. Verifying an implementation of SSH. In WITS'07, pages 164-177, 2007.
40. F. Pottier and Y. Regis-Gianas. Extended static checking of call-by-value functional programs. Draft, July 2007. URL http://cristal.inria.fr/~fpottier/ publis/pottier-regis-gianas-escfp.ps.gz.
41. F. Pottier and V. Simonet. Information flow inference for ML. ACM TOPLAS, 25(1):117-158, 2003.
42. F. Pottier, C. Skalka, and S. Smith. A systematic approach to access control. In Programming Languages and Systems (ESOP 2001), volume 2028 of LNCS, pages 30-45. Springer, 2001.
43. P. Rondon, M. Kawaguchi, and R. Jhala. Liquid types. In Programming Language Design and Implementation (PLDV08). ACM, 2008. To appear.
44. J. Rushby, S. Owre, and N. Shankar. Subtypes for specifications: Predicate subtyping in PVS. IEEE Transactions on Software Engineering, 24(9):709-720, 1998.
45. A. Sabry and M. Felleisen. Reasoning about programs in continuation-passing style. LISP and Symbolic Computation, 6(3-4):289-360, 1993.
46. E. Sumii and B. Pierce. A bisimulation for dynamic sealing. TCS, 375(1-3):169-192, 2007. Extended abstract at POPL'04.
47. D. Syme, A. Granicz, and A. Cisternino. Expert F#. Apress, 2007.
48. J. A. Vaughan and S. Zdancewic. A cryptographic decentralized label model. In IEEE Symposium on Security and Privacy, pages 192-206, Washington, DC, USA, 2007.
49. T. Woo and S. Lam. A semantic model for authentication protocols. In IEEE Symposium on Security and Privacy, pages 178-194, 1993.
50. H. Xi and F. Pfenning. Dependent types in practical programming. In ACM Symposium on Principles of Programming Languages (POPL'99), pages 214-227. ACM, 1999.
51. D. N. Xu. Extended static checking for Haskell. In ACM SIGPLAN workshop on Haskell (Haskell'06), pages 48-59. ACM, 2006.