A Certified Distributed Security Logic for Authorizing Code

Conference paper, Types for Proofs and Programs (TYPES 2006)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4502)

Abstract

In previous work we have proposed a distributed security logic for authorizing code. To gain assurance about the correctness of the implementation of our system, we now present a series of security logics of increasing expressive power leading up to our logic. We encode each logic in Coq, develop an algorithm for deciding queries, and prove properties about the algorithm in Coq. By using Coq’s automatic extraction mechanism, we are able to gain a high assurance about the resulting reference monitor implementations. Following this strategy yields reference monitors fully certified at the source code level for Datalog, Binder, Binder with a general extension mechanism, and a logic that combines Binder and the calculus of co-inductive constructions.
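As an added illustration, not the paper's Coq development nor its extracted code, the following Python sketch shows the kind of query decision a Binder-style reference monitor makes: Datalog rules with Binder's `says` quoting, evaluated bottom-up to a fixpoint. The principals, certificates, policy rules and file names are constructed for the example.

```python
# Constructed example: a miniature Binder-style authorization logic.
# Atoms are flat tuples (speaker, predicate, args...); "P says pred(..)" is the
# atom with speaker P; the monitor speaks as "local". Variables start uppercase.

def is_var(t):
    return isinstance(t, str) and t[:1].isupper()

def unify(pattern, fact, env):
    """Match a rule atom against a ground fact, extending env or failing."""
    if len(pattern) != len(fact):
        return None
    env = dict(env)
    for p, f in zip(pattern, fact):
        if is_var(p):
            if env.setdefault(p, f) != f:
                return None
        elif p != f:
            return None
    return env

def subst(atom, env):
    return tuple(env.get(t, t) for t in atom)

def evaluate(rules, facts):
    """Naive bottom-up fixpoint; Datalog safety (head variables occur in the
    body) keeps the derived set finite, which is what makes this terminate."""
    known = set(facts)
    while True:
        new = set()
        for head, body in rules:
            envs = [{}]
            for goal in body:
                envs = [e2 for e in envs for f in known
                        if (e2 := unify(goal, f, e)) is not None]
            new.update(subst(head, e) for e in envs)
        if new <= known:
            return known
        known |= new

def authorized(rules, facts, query):
    """The reference monitor's decision: is the ground query derivable?"""
    return query in evaluate(rules, facts)

FACTS = {("ca", "delegates", "dept"), ("dept", "trusted", "alice"),
         ("alice", "signed", "app.bin"), ("mallory", "signed", "evil.bin")}
RULES = [  # local: may_run(P, C) :- ca says trusted(P), P says signed(C)
    (("local", "may_run", "P", "C"), [("ca", "trusted", "P"), ("P", "signed", "C")]),
    # imported from ca; Binder quotes each unquoted body atom with "ca says"
    (("ca", "trusted", "P"), [("ca", "delegates", "Q"), ("Q", "trusted", "P")]),
]
```

The certified evaluators the paper describes prove termination and soundness of exactly this kind of fixpoint in Coq; here those properties are only argued in the comments.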

Editors: Thorsten Altenkirch, Conor McBride

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

Cite this paper

Whitehead, N. (2007). A Certified Distributed Security Logic for Authorizing Code. In: Altenkirch, T., McBride, C. (eds) Types for Proofs and Programs. TYPES 2006. Lecture Notes in Computer Science, vol 4502. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74464-1_17

  • DOI: https://doi.org/10.1007/978-3-540-74464-1_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74463-4

  • Online ISBN: 978-3-540-74464-1
