Abstract
Abstraction-Carrying Code (ACC) has recently been proposed as a framework for mobile code safety in which the code supplier provides a program together with an abstraction whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certificate and its generation is carried out automatically by a fixed-point analyzer. The advantage of providing a (fixed-point) abstraction to the code consumer is that its validity is checked in a single pass of an abstract interpretation-based checker. A main challenge is to reduce the size of certificates as much as possible while at the same time not increasing checking time. We introduce the notion of reduced certificate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the full certificate in a single pass. Based on this notion, we instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker. We also provide a correct checking algorithm together with sufficient conditions for ensuring its completeness. The experimental results within the CiaoPP system show that our proposal is able to greatly reduce the size of certificates in practice.
This work was funded in part by the Information Society Technologies program of the European Commission, Future and Emerging Technologies under the IST-15905 MOBIUS project, by the MEC project TIN-2005-09207 MERIT, and the CAM project S-0505/TIC/0407 PROMESAS. Manuel Hermenegildo is also supported by the Prince of Asturias Chair in Information Science and Technology at UNM.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Albert, E., Arenas, P., Puebla, G., Hermenegildo, M.: Reduced Certificates for Abstraction-Carrying Code. Technical Report CLIP8/2005.0, Technical University of Madrid (UPM), School of Computer Science, UPM (October 2005)
Albert, E., Puebla, G., Hermenegildo, M.: Abstraction-Carrying Code. In: Baader, F., Voronkov, A. (eds.) LPAR 2004. LNCS (LNAI), vol. 3452, pp. 380–397. Springer, Heidelberg (2005)
Aspinall, D., Gilmore, S., Hofmann, M., Sannella, D., Stark, I.: Mobile Resource Guarantees for Smart Devices. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 1–26. Springer, Heidelberg (2005)
Bruynooghe, M.: A Practical Framework for the Abstract Interpretation of Logic Programs. Journal of Logic Programming 10, 91–124 (1991)
Bueno, F., Cabeza, D., Carro, M., Hermenegildo, M., López-García, P., Puebla, G. (eds.): The Ciao System. Reference Manual (v1.13). Technical report, School of Computer Science (UPM) (2006), Available at: http://clip.dia.fi.upm.es/Software/Ciao/
Cachera, D., Jensen, T., Pichardie, D., Rusu, V.: Extracting a Data Flow Analyser in Constructive Logic. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 385–400. Springer, Heidelberg (2004)
Cousot, P., Cousot, R.: Abstract Interpretation: a Unified Lattice Model for Static Analysis of Programs by Construction or Approximation of Fixpoints. In: Proc. of POPL 1977, pp. 238–252 (1977)
Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: The ASTREÉ Analyzer. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 21–30. Springer, Heidelberg (2005)
Hermenegildo, M., Puebla, G., Bueno, F., López-García, P.: Integrated Program Debugging, Verification, and Optimization Using Abstract Interpretation (and The Ciao System Preprocessor). Science of Computer Programming 58(1-2), 115–140 (2005)
Hermenegildo, M., Puebla, G., Marriott, K., Stuckey, P.: Incremental Analysis of Constraint Logic Programs. ACM TOPLAS 22(2), 187–223 (2000)
Klein, G., Nipkow, T.: Verified bytecode verifiers. Theoretical Computer Science 3(298), 583–626 (2003)
Leroy, X.: Java bytecode verification: algorithms and formalizations. Journal of Automated Reasoning 30(3-4), 235–269 (2003)
Lloyd, J.W.: Foundations of Logic Programming, 2nd edn. Springer, Heidelberg (1987)
Marriot, K., Stuckey, P.: Programming with Constraints: An Introduction. The MIT Press, Cambridge (1998)
Muthukumar, K., Hermenegildo, M.: Combined Determination of Sharing and Freeness of Program Variables Through Abstract Interpretation. In: 1991 International Conference on Logic Programming, pp. 49–63. MIT Press, Cambridge (1991)
Necula, G.: Proof-Carrying Code. In: Proc. of POPL 1997, pp. 106–119. ACM Press, New York (1997)
Necula, G.C., Lee, P.: Efficient representation and validation of proofs. In: Proceedings of LICS 1998, p. 93. IEEE Computer Society Press, Los Alamitos (1998)
Necula, G.C., Rahul, S.P.: Oracle-based checking of untrusted software. In: Proceedings of POPL 2001, pp. 142–154. ACM Press, New York (2001)
Puebla, G., Hermenegildo, M.: Optimized Algorithms for the Incremental Analysis of Logic Programs. In: Cousot, R., Schmidt, D.A. (eds.) SAS 1996. LNCS, vol. 1145, pp. 270–284. Springer, Heidelberg (1996)
Rose, E., Rose, K.: Java access protection through typing. Concurrency and Computation: Practice and Experience 13(13), 1125–1132 (2001)
Rose, K., Rose, E.: Lightweight bytecode verification. In: OOPSLA Workshop on Formal Underpinnings of Java (1998)
Sekar, R., Venkatakrishnan, V.N., Basu, S., Bhatkar, S., DuVarney, D.: Model-carrying code: A practical approach for safe execution of untrusted applications. In: Proc. of SOSP 2003, pp. 15–28. ACM Press, New York (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Albert, E., Arenas, P., Puebla, G., Hermenegildo, M. (2006). Reduced Certificates for Abstraction-Carrying Code . In: Etalle, S., Truszczyński, M. (eds) Logic Programming. ICLP 2006. Lecture Notes in Computer Science, vol 4079. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11799573_14
Download citation
DOI: https://doi.org/10.1007/11799573_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36635-5
Online ISBN: 978-3-540-36636-2
eBook Packages: Computer ScienceComputer Science (R0)