Secure distributed programming with value-dependent types

ACM SIGPLAN Notices

Volumn 46, Issue 9, 2011, Pages 266-278

  Swamy, Nikhil ^a   Chen, Juan ^a   Fournet, Cédric ^a   Strub, Pierre Yves ^b   Bhargavan, Karthikeyan ^c   Yang, Jean ^d  

^a MICROSOFT RESEARCH   (United States)

^b MSR INRIA   (France)

^c INRIA   (France)

^d MASSACHUSETTS INSTITUTE OF TECHNOLOGY   (United States)

Author keywords

Refinement types; Security type systems

Indexed keywords

BYTECODE VERIFICATION; BYTECODES; CODE SIZE; DISTRIBUTED APPLICATIONS; DISTRIBUTED PROGRAMMING; FUNCTIONAL LANGUAGES; LOGICAL CONSISTENCY; MODULAR REASONING; MULTI-TIER; PAYMENT PROTOCOL; PRIVACY PRESERVING; PROGRAM VERIFICATION; RECURSIONS; REFERENCE MONITORS; REFINEMENT TYPES; SECURITY TYPE SYSTEMS; WEB APPLICATION; ZERO KNOWLEDGE;

CRYPTOGRAPHY; INTERNET PROTOCOLS; LIBRARIES; USER INTERFACES;

PROGRAM COMPILERS;

EID: 80053344480     PISSN: 15232867     EISSN: None     Source Type: Journal    
DOI: 10.1145/2034574.2034811     Document Type: Conference Paper

References (30)

1. K. Avijit, A. Datta, and R. Harper. Distributed programming with distributed authorization. In TLDI, 2010.
2. M. Backes, C. Hritcu, and M. Maffei. Type-checking zero-knowledge. In CCS, 2008.
3. J. Bengtson, K. Bhargavan, C. Fournet, A. D. Gordon, and S. Maffeis. Refinement types for secure implementations. In CSF, 2008.
4. Y. Bertot and P. Castéran. Coq'Art: Interactive Theorem Proving and Program Development. Springer Verlag, 2004.
5. K. Bhargavan, R. Corin, P.-M. Dénielou, C. Fournet, and J. Leifer. Cryptographic protocol synthesis and verification for multiparty sessions. In CSF, 2009.
6. K. Bhargavan, C. Fournet, and A. D. Gordon. Modular verification of security protocol code by typing. In POPL, 2010.
7. J. Borgstrom, J. Chen, and N. Swamy. Verifying stateful programs with substructural state and hoare types. In PLPV '11, Jan. 2011.
8. I. Cervesato and F. Pfenning. A linear logical framework. Inf. Comput., 179 (1), 2002.
9. P. C. Chapin, C. Skalka, and X. S. Wang. Authorization in trust management: Features and foundations. ACM Comput. Surv., 40, 2008.
10. J. Chen, R. Chugh, and N. Swamy. Type-preserving compilation of end-toend verification of security enforcement. In PLDI '10. ACM, 2010.
11. L. de Moura and N. Bjørner. Z3: An efficient SMT solver. In TACAS, 2008.
12. P.-M. Deniélou and N. Yoshida. Dynamic multirole session types. In POPL, 2011.
13. G. Gonthier, A. Mahboubi, and E. Tassi. Research Report RR-6455, 2011.
14. A. D. Gordon and A. Jeffrey. Authenticity by typing for security protocols. Journal of Computer Security, 11(4):451-520, 2003.
15. A. Guha, M. Fredrikson, B. Livshits, and N. Swamy. Verified security for browser extensions. In IEEE Symposium on Security and Privacy (Oakland), 2011.
16. N. Guts, C. Fournet, and F. Z. Nardelli. Reliable evidence: Auditability by typing. In ESORICS, 2009.
17. K. Honda, N. Yoshida, and M. Carbone. Multiparty asynchronous session types. In POPL, 2008.
18. L. Jia and S. Zdancewic. Encoding information flow in aura. In PLAS, 2009.
19. L. Jia, J. Vaughan, K. Mazurak, J. Zhao, L. Zarko, J. Schorr, and S. Zdancewic. Aura: A programming language for authorization and audit. In ICFP, 2008.
20. O. Kiselyov, S. P. Jones, and C. chieh Shan. Fun with type functions, 2010. Unpub.
21. S. K. Lahiri, S. Qadeer, and D. Walker. Linear maps. PLPV '11. ACM, 2011.
22. U. Norell. Towards a practical programming language based on dependent type theory. PhD thesis, Chalmers Institute of Technology, 2007.
23. A. Rial and G. Danezis. Privacy-friendly smart metering. Technical report, Microsoft Research, nov 2010.
24. P. Sewell, F. Z. Nardelli, S. Owens, G. Peskine, T. Ridge, S. Sarkar, and R. Strnisa. Ott: Effective tool support for the working semanticist. JFP, 20(1), 2010.
25. M. Sozeau. Subset coercions in coq. In TYPES, 2007.
26. N. Swamy, B. J. Corcoran, and M. Hicks. Fable: A language for enforcing user-defined security policies. In S&P, 2008.
27. N. Swamy, J. Chen, and R. Chugh. Enforcing stateful authorization and information flow policies in Fine. In ESOP, 2010.
28. The Coq Development Team. Chapter 4: Calculus of Inductive Constructions. Technical report, 2010. URL http://coq.inria.fr.
29. J. A. Vaughan, L. Jia, K. Mazurak, and S. Zdancewic. Evidence-based audit. In CSF, 2008.
30. D. Volpano, G. Smith, and C. Irvine. A sound type system for secure flow analysis. Journal of Computer Security, 4(3):167-187, 1996.