Abstract
Proof-carrying code (PCC) allows a code producer to associate to a program a machine-checkable proof of its safety. In traditional implementations of PCC the producer negotiates beforehand, and in an unspecified way, with the consumer the permission to prove safety in whatever high-level way it chooses. In practice this has meant that highlevel rules for type safety have been hard-wired into the system as part of the trusted code base. This limits the security and flexibility of the PCC system.
In this paper, we exhibit an approach to removing the safety proof rules from the trusted base, with a technique by which the producer can convince the consumer that a given set of high-level safety rules enforce a strong global invariant that entails the trusted low-level memory safety policy.
This research was supported in part by National Science Foundation Career Grant No. CCR-9875171, ITR Grants No. CCR-0085949, No. CCR-0081588, and No. INT98-15731, and gifts from Microsoft Research; and a National Science Foundation Graduate Research Fellowship. The information presented here does not necessarily reflect the position or the policy of the Government and no official endorsement should be inferred.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Andrew W. Appel and Amy P. Felty. A semantic model of types and machine instructions for proof-carrying code. In POPL’ 00: The 27th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 243–253. ACM Press, January 2000.
Andrew W. Appel. Foundational proof-carrying code. In Proceedings of the 16th Annual IEEE Symposium on Logic in Computer Science, pages 247–258, June 2001.
Christopher Colby, Peter Lee, George C. Necula, Fred Blau, Mark Plesko, and Kenneth Cline. A certifying compiler for Java. ACM SIGPLAN Notices, 35(5):95–107, May 2000.
Coq Development Team. The Coq proof assistant reference manual, version 7.3. May 2002.
Nadeem A. Hamid, Zhong Shao, Valery Trifonov, Stefan Monnier, and Zhaozhong Ni. A syntactic approach to foundational proof-carrying code. In Proceedings of the Seventeenth Annual IEEE Symposium on Logic in Computer Science, pages 89–100, Copenhagen, Denmark, July 2002.
George C. Necula. Proof-carrying code. In The 24th Annual ACM Symposium on Principles of Programming Languages, pages 106–119. ACM, January 1997.
George C. Necula. Compiling with Proofs. PhD thesis, Carnegie Mellon University, September 1998. Also available as CMU-CS-98-154.
Robert R. Schneck and George C. Necula. A gradual approach to a more trustworthy, yet scalable, proof-carrying code. In Proceedings of the 18th International Conference on Automated Deduction (CADE-18), pages 47–62, Copenhagen, Denmark, July 2002. Springer-Verlag.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Necula, G.C., Schneck, R.R. (2003). Proof-Carrying Code with Untrusted Proof Rules. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_18
Download citation
DOI: https://doi.org/10.1007/3-540-36532-X_18
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00708-1
Online ISBN: 978-3-540-36532-7
eBook Packages: Springer Book Archive