CoSMed: A Confidentiality-Verified Social Media Platform

  • Thomas Bauereiß
  • Armando Pesenti Gritti
  • Andrei Popescu
  • Franco Raimondi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9807)

Abstract

This paper describes progress with our agenda of formal verification of information-flow security for realistic systems. We present CoSMed, a social media platform with verified document confidentiality. The system’s kernel is implemented and verified in the proof assistant Isabelle/HOL. For verification, we employ the framework of Bounded-Deducibility (BD) Security, previously introduced for the conference system CoCon. CoSMed is a second major case study in this framework. For CoSMed, the static topology of declassification bounds and triggers that characterized previous instances of BD security has to give way to a dynamic integration of the triggers as part of the bounds.
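To make the abstract's central idea concrete, here is a constructed toy model (added here; not CoSMed's Isabelle/HOL kernel or its proofs) of a two-user "social media" kernel checked against a trace-based, trigger-free reading of BD Security by brute-force enumeration of bounded traces. An owner sets a post's text and visibility; an observer who is not a friend issues reads. The owner's updates form the secret sequence, the observer's reads with their outputs form the observation sequence, and the visibility updates are carried inside the secret sequence so that the declassification bound `bound` can be stated interval by interval, in the spirit of the abstract's remark that the triggers become part of the bounds. The alphabet, the action set, the `leaky` variant and the bounded length are all assumptions of this example; the real paper proves the property for all traces by an unwinding argument, whereas this script only searches traces up to a fixed length:

```python
# Added toy model: a brute-force check of a trace-based, trigger-free reading of
# Bounded-Deducibility (BD) Security on a two-user "social media" kernel.
# Constructed for illustration; not CoSMed's Isabelle/HOL formalisation.
from itertools import product

TEXTS = ("", "a", "b")            # constructed toy alphabet; "" means "no post yet"
VIS = ("friends", "public")       # post visibility, chosen by the owner
# Actions: the owner updates text/visibility; the observer (a non-friend) reads.
ACTIONS = [("setText", t) for t in TEXTS] + [("setVis", v) for v in VIS] + [("read",)]
INIT = ("", "friends")            # (text, visibility)


def step(state, action, leaky=False):
    """One transition. Returns (new_state, output). Only 'read' belongs to the observer."""
    text, vis = state
    if action[0] == "setText":
        return (action[1], vis), "ok"
    if action[0] == "setVis":
        return (text, action[1]), "ok"
    if vis == "public":                    # intended declassification: public posts are readable
        return state, text
    if leaky and text:                     # constructed bug: a friends-only read reveals that a post exists
        return state, "denied (post exists)"
    return state, "denied"


def run(actions, leaky=False):
    """Secrets S(tr): the owner's updates, in order. Observations O(tr): the observer's reads and outputs."""
    state, secrets, obs = INIT, [], []
    for a in actions:
        state, out = step(state, a, leaky)
        if a[0] == "read":
            obs.append(("read", out))
        else:
            secrets.append(a)
    return tuple(secrets), tuple(obs)


def bound(sl, sl2):
    """Dynamic declassification bound B. The visibility updates are part of the secret
    sequence, so B is stated per interval instead of through one static trigger:
    two secret sequences are related iff they carry the same visibility updates and the
    text agrees whenever the post is public (at every switch to 'public' and on every
    update made while public). Text written and overwritten while friends-only may differ."""
    if len(sl) != len(sl2):
        return False
    vis, last, last2 = "friends", "", ""
    for s, s2 in zip(sl, sl2):
        if s[0] != s2[0]:
            return False
        if s[0] == "setVis":
            if s[1] != s2[1]:
                return False
            vis = s[1]
        else:
            last, last2 = s[1], s2[1]
        if vis == "public" and last != last2:
            return False
    return True


def alternatives(sl):
    """Every secret sequence of the same shape as sl with the text values varied."""
    slots = [TEXTS if s[0] == "setText" else (s[1],) for s in sl]
    for vals in product(*slots):
        yield tuple((s[0], v) for s, v in zip(sl, vals))


def check_bd_security(max_len=4, leaky=False):
    """BD Security, restricted to traces of length <= max_len: for every reachable pair
    (S(tr), O(tr)) and every sl2 with B(S(tr), sl2), some trace tr2 has S(tr2) = sl2 and
    O(tr2) = O(tr), i.e. the observer cannot tell the two secret sequences apart.
    Returns None if no violation is found, otherwise a counterexample (sl, sl2, ol)."""
    reachable = set()
    for n in range(max_len + 1):
        for tr in product(ACTIONS, repeat=n):
            reachable.add(run(tr, leaky))
    for sl, ol in sorted(reachable):
        for sl2 in alternatives(sl):
            if bound(sl, sl2) and (sl2, ol) not in reachable:
                return sl, sl2, ol
    return None


if __name__ == "__main__":
    print("secure kernel:", check_bd_security(4))
    print("leaky kernel: ", check_bd_security(4, leaky=True))
```

The secure kernel passes because any text change that stays within `bound` can be replayed by the same action sequence without changing a single observer output; the leaky variant fails with a counterexample such as secrets `(setText a)` versus `(setText "")` observed through one friends-only read, which the bound declares indistinguishable but the kernel does not. Note the asymmetry the bound makes explicit: a text written while friends-only and later made public is learned in full, so the bound must relate the last pre-public text, not just the updates made after the switch.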

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Thomas Bauereiß (1)
  • Armando Pesenti Gritti (2, 3)
  • Andrei Popescu (2, 4)
  • Franco Raimondi (2)
  1. German Research Center for Artificial Intelligence (DFKI), Bremen, Germany
  2. School of Science and Technology, Middlesex University, London, UK
  3. Global NoticeBoard, London, UK
  4. Institute of Mathematics Simion Stoilow of the Romanian Academy, Bucharest, Romania