A logic of secure systems and its application to trusted computing

Proceedings - IEEE Symposium on Security and Privacy

Volumn , Issue , 2009, Pages 221-236

  Datta, Anupam ^a   Franklin, Jason ^a   Garg, Deepak ^a   Kaynar, Dilsun ^a  

^a NONE

Author keywords

[No Author keywords available]

Indexed keywords

CODE INTEGRITY; CONCURRENT PROGRAMMING LANGUAGES; CRYPTOGRAPHIC OPERATIONS; EXECUTION INTEGRITY; NETWORK COMMUNICATIONS; PROGRAMMING MODELS; PROOF SYSTEM; REMOTE ATTESTATION; SECURE SYSTEM; SHARED MEMORIES; SYSTEM INTERFACES; TRUSTED COMPUTING;

ACCESS CONTROL; COMPUTER PROGRAMMING; CONCURRENCY CONTROL; NETWORK PROTOCOLS;

NETWORK SECURITY;

EID: 70449640065     PISSN: 10816011     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SP.2009.16     Document Type: Conference Paper

References (41)

1. "Trusted Computing Group (TCG)," https://www. trustedcomputinggroup.org/, 2008.
2. A. Datta, A. Derek, J. C. Mitchell, and D. Pavlovic, "A derivation system and compositional logic for security protocols," Journal of Computer Security, vol.13, no.3, pp. 423-482, 2005.
3. A. Datta, A. Derek, J. C. Mitchell, and A. Roy, "Protocol Composition Logic (PCL)." Electr. Notes Theor. Comput. Sci., vol.172, pp. 311-358, 2007.
4. N. Durgin, J. C. Mitchell, and D. Pavlovic, "A compositional logic for proving security properties of protocols," Journal of Computer Security, vol.11, pp. 677-721, 2003.
5. A. Roy, A. Datta, A. Derek, J. C. Mitchell, and J.-P. Seifert, "Secrecy analysis in protocol composition logic," Formal Logical Methods for System Security and Correctness, 2008.
6. R. Milner, M. Tofte, and R. Harper, The Definition of Standard ML. Cambridge, MA, USA: MIT Press, 1990.
7. J. Saltzer and M. Schroeder, "The protection of information in computer systems," Proceedings of the IEEE, vol.63, no.9, pp. 1278-1308, September 1975.
8. S. Brookes, "A semantics for concurrent separation logic," in Proceedings of 15th International Conference on Concurrency Theory, 2004.
9. Z. Manna and A. Pnueli, Temporal Verification of Reactive Systems: Safety. Springer-Verlag, 1995.
10. C. A. R. Hoare, "An axiomatic basis for computer programming," Communications of the ACM, vol.12, no.10, pp. 576-580, 1969.
11. P. W. O'Hearn, J. C. Reynolds, and H. Yang, "Local reasoning about programs that alter data structures," in Proceedings of the 15th International Workshop on Computer Science Logic. London, UK: Springer-Verlag, 2001, pp. 1-19.
12. J. C. Reynolds, "Separation logic: A logic for shared mutable data structures," in Proceeding of the 17th Annual IEEE Symposium on Logic in Computer Science (LICS). IEEE Computer Society, 2002, pp. 55-74.
13. Trusted Computing Group, "TCG Specification Architecture Overview, Specification Revision 1.4," https://www.trustedcomputinggroup.org/groups/ TCG-1-4-Architecture Overview.pdf, August 2007.
14. TCG, "PC client specific TPM interface specification (TIS)," Version 1.2, Revision 1.00, Jul. 2005.
15. Advanced Micro Devices, "AMD64 virtualization: Secure virtual machine architecture reference manual," AMD Publication no.33047 rev. 3.01, May 2005.
16. "Intel Trusted Execution Technology: Software Development Guide," Document Number: 315168-316005, Intel Corporation, June 2008.
17. A. Datta, J. Franklin, D. Garg, and D. Kaynar, "A logic of secure systems and its application to trusted computing," Carnegie Mellon University, Tech. Rep. CMU-CyLab-09- 001, 2009.
18. E. M. Chan, J. C. Carlyle, F. M. David, R. Farivar, and R. H. Campbell, "BootJacker: Compromising computers using forced restarts," in Proceedings of 15th ACM Conference on Computer and Communications Security, 2008.
19. S. Garriss, R. Cáceres, S. Berger, R. Sailer, L. van Doorn, and X. Zhang, "Towards trustworthy kiosk computing," in Workshop on Mobile Computing Systems and Applications, Feb. 2006.
20. H. DeYoung, D. Garg, and F. Pfenning, "An authorization logic with explicit time," in Proceedings of the 21st IEEE Computer Security Foundations Symposium (CSF-21), Jun. 2008.
21. J. Reed, "Hybridizing a logical framework," in International Workshop on Hybrid Logic 2006 (HyLo 2006), ser. Electronic Notes in Computer Science, August 2006.
22. T. Braüner and V. de Paiva, "Towards constructive hybrid logic," in Electronic Proceedings of Methods for Modalities 3 (M4M3), 2003.
23. "Secure virtual machine architecture reference manual." AMD Corp., May 2005. [Online]. Available: http://www.amd.com/us-en/assets/content- type/-white-papers-and-tech-docs/33047.pdf.
24. N. Krishnaswami, "Separation logic for a higher-order typed language," 2006, in Workshop on Semantics, Program Analysis and Computing Environments for Memory Management, SPACE06.
25. H. Thielecke, "Frame rules from answer types for code pointers," in 33rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. New York, NY, USA: ACM, 2006, pp. 309-319.
26. Z. Ni and Z. Shao, "Certified assembly programming with embedded code pointers," in 33rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. New York, NY, USA: ACM, 2006, pp. 320-333.
27. H. Cai, Z. Shao, and A. Vaynberg, "Certified selfmodifying code," in ACM SIGPLAN Conference on Programming Language Design and Implementation. New York, NY, USA: ACM, 2007, pp. 66-77.
28. A. Nanevski, G. Morrisett, and L. Birkedal, "Hoare type theory, polymorphism and separation," Journal of Functional Programming, vol. 18, no. 5&6, pp. 865-911, 2008.
29. B. Kauer, "OSLO: Improving the security of trusted computing," in Proceedings of the USENIX Security Symposium, Aug. 2007.
30. J. M. McCune, B. Parno, A. Perrig, M. K. Reiter, and H. Isozaki, "Flicker: An execution infrastructure for tcb minimization," in Proceedings of the ACM European Conference in Computer Systems (EuroSys), Apr. 2008.
31. A. Pnueli, "The temporal logic of programs," in Proceedings of 19th Annual Symposium on Foundations on Computer Science, 1977.
32. R. Kennell and L. H. Jamieson, "Establishing the genuinity of remote computer systems," in Proceedings of the 2003 USENIX Security Symposium, Aug. 2003.
33. A. Seshadri, A. Perrig, L. van Doorn, and P. Khosla, "SWATT: Software-based attestation for embedded devices," in Proceedings of the IEEE Symposium on Security and Privacy, May 2004.
34. A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla, "Pioneer: Verifying code integrity and enforcing untampered code execution on legacy platforms," in Proceedings of ACM Symposium on Operating Systems Principles (SOSP), Oct. 2005.
35. D. Harel, D. Kozen, and J. Tiuryn, Dynamic Logic, ser. Foundations of Computing. MIT Press, 2000.
36. L. Lamport, "The temporal logic of actions," ACM Transactions on Programming Languages and Systems, vol.16, no.3, May 1994.
37. M. Abadi and T. Wobber, "A logical account of NGSCB," in Proceedings of Formal Techniques for Networked and Distributed Systems, 2004.
38. S. Chen, Y. Wen, and H. Zhao, "Formal analysis of secure bootstrap in trusted computing," in Proceedings of 4th International Conference on Autonomic and Trusted Computing, 2007.
39. S. Gurgens, C. Rudolph, D. Scheuermann, M. Atts, and R. Plaga, "Security evaluation of scenarios based on the TCG's TPM specification," in Proceedings of 12th European Symposium On Research In Computer Security, 2007.
40. J. Millen, J. Guttman, J. Ramsdell, J. Sheehy, and B. Sniffen, "Analysis of a measured launch," The MITRE Corporation, Tech. Rep., 2007.
41. A. H. Lin, "Automated analysis of security apis," Master's thesis, Massachusetts Institute of Technology, 2005