Safe, Untrusted Agents Using Proof-Carrying Code
Purchase on Springer.com
$29.95 / €24.95 / £19.95*
* Final gross prices may vary according to local VAT.
Proof-Carrying Code (PCC) enables a computer system to determine, automatically and with certainty, that program code provided by another system is safe to install and execute without requiring interpretation or run-time checking. PCC has applications in any computing system in which the safe, efficient, and dynamic installation of code is needed. The key idea is to attach to the code an easily-checkable proof that its execution does not violate the safety policy of the receiving system. This paper describes the design and a typical implementation of Proof-Carrying Code, where the language used for specifying the safety properties is first-order predicate logic. Examples of safety properties described in this paper are memory safety and compliance with data access policies, resource usage bounds, and data abstraction boundaries.
- Brian Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, David Becker, Marc Fiuczynski, Craig Chambers, and Susan Eggers. Extensibility, safety and performance in the SPIN operating system. In Symposium on Operating System Principles, pages 267–284, December 1995.
- Robert Boyer and J. Strother Moore. A Computational Logic. Academic Press, 1979.
- R.M. Burstall and P.J. Landin. Programs and their proofs: an algebraic approach. Machine Intelligence, (4), 1969.
- R. L. Constable, S. F. Allen, H. M. Bromley, W. R. Cleaveland, J. F. Cremer, R.W. Harper, D. J. Howe, T. B. Knoblock, N. P. Mendler, P. Panangaden, J. T. Sasaki, and S. F. Smith. Implementing Mathematics with the Nuprl Proof Development System. Prentice-Hall, 1986.
- Thiery Coquand and Gerard Huet. Constructions: A higher order proof system for mechanizing mathematics. In Proc. European Conf. on Computer Algebra (EUROCAL’85), LNCS 203, pages 151–184. Springer-Verlag, 1985.
- D.C. Luckham et al. Stanford Pascal verifier user manual. Technical Report STAN-CS-79-731, Dept. of Computer Science, Stanford Univ., March 1979.
- David Detlefs. An overview of the Extended Static Checking system. In Proceedings of the First Formal Methods in Software Practice Workshop, 1996.
- Edsger W. Dijkstra. Guarded commands, nondeterminancy and formal derivation of programs. Communications of the ACM, 18:453–457, 1975. CrossRef
- Michael Gordon. HOL: A machine oriented formulation of higher-order logic. Technical Report 85, University of Cambridge, Computer Laboratory, July 1985.
- James Gosling, Bill Joy, and Guy L. Steele. The Java Language Specification. The Java Series. Addison-Wesley, Reading, MA, USA, 1996.
- Robert Harper, Furio Honsell, and Gordon Plotkin. A framework for defining logics. Journal of the Association for Computing Machinery, 40(1):143–184, January 1993.
- Steven McCanne and Van Jacobson. The BSD packet filter: A new architecture for user-level packet capture. In The Winter 1993 USENIX Conference, pages 259–269. USENIX Association, January 1993.
- Sun Microsystems. The Java Virtual Machine specification. Available as ftp://ftp.javasoft.com/docs/vmspec.ps.zip, 1995.
- George C. Necula and Peter Lee. Efficient representation and validation of logical proofs. Technical Report CMU-CS-97-172, Computer Science Department, Carnegie Mellon University, October 1997.
- George C. Necula and Peter Lee. The design and implementation of a certifying compiler. In ACM SIGPLAN’98 Conference on Programming Language Design and Implementation, June 1998.
- Greg Nelson and Derek Oppen. Simplification by cooperating decision procedures. ACM Transactions on Programming Languages and Systems, 1(2):245–257, October 1979. CrossRef
- John R. Ousterhout. Tcl and the Tk Toolkit. Addison Wesley, 1994.
- S. Owre, J. M. Rushby, and N. Shankar. PVS: A prototype verification system. In Deepak Kapur, editor, 11th International Conference on Automated Deduction (CADE), volume 607 of Lecture Notes in Artificial Intelligence, pages 748–752, Saratoga, NY, June 1992. Springer-Verlag.
- Frank Pfenning. Elf: A meta-language for deductive systems (system description). In Alan Bundy, editor, 12th International Conference on Automated Deduction, LNAI 814, pages 811–815, Nancy, France, June 26–July 1, 1994. Springer-Verlag.
- R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham. Efficient software-based fault isolation. In 14th ACM Symposium on Operating Systems Principles, pages 203–216. ACM, December 1993.
- Safe, Untrusted Agents Using Proof-Carrying Code
- Book Title
- Mobile Agents and Security
- Book Part
- Part II
- pp 61-91
- Print ISBN
- Online ISBN
- Series Title
- Lecture Notes in Computer Science
- Series Volume
- Series ISSN
- Springer Berlin Heidelberg
- Copyright Holder
- Springer-Verlag Berlin Heidelberg
- Additional Links
- Industry Sectors
- eBook Packages
To view the rest of this content please follow the download PDF link above.