A Certificate Infrastructure for Machine-Checked Proofs of Conditional Information Flow

  • Torben Amtoft
  • Josiah Dodds
  • Zhi Zhang
  • Andrew Appel
  • Lennart Beringer
  • John Hatcliff
  • Xinming Ou
  • Andrew Cousino
Conference paper

DOI: 10.1007/978-3-642-28641-4_20

Part of the Lecture Notes in Computer Science book series (LNCS, volume 7215)
Cite this paper as:
Amtoft T. et al. (2012) A Certificate Infrastructure for Machine-Checked Proofs of Conditional Information Flow. In: Degano P., Guttman J.D. (eds) Principles of Security and Trust. POST 2012. Lecture Notes in Computer Science, vol 7215. Springer, Berlin, Heidelberg

Abstract

In previous work, we have proposed a compositional framework for stating and automatically verifying complex conditional information flow policies using a relational Hoare logic. The framework allows developers and verifiers to work directly with the source code using source-level code contracts. In this work, we extend that approach so that the algorithm for verifying code compliance with an information flow contract emits formal certificates of correctness that are checked in the Coq proof assistant. This framework is implemented in the context of SPARK, a subset of Ada that has been used in a number of industrial contexts for implementing certified safety- and security-critical systems.

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Torben Amtoft (1)
  • Josiah Dodds (2)
  • Zhi Zhang (1)
  • Andrew Appel (2)
  • Lennart Beringer (2)
  • John Hatcliff (1)
  • Xinming Ou (1)
  • Andrew Cousino (1)

  1. CIS Department, Kansas State University, Manhattan, USA
  2. Dept. of Comp. Sci., Princeton University, Princeton, USA