Verification of Control Flow Based Security Properties

Verification of Control Flow Based Security Properties (1998)

by T. Jensen , D. Le Métayer , T. Thorn

Citations:

62 - 5 self

BibTeX

@MISC{Jensen98verificationof,
    author = {T. Jensen and D. Le Métayer and T. Thorn},
    title = {Verification of Control Flow Based Security Properties},
    year = {1998}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

A fundamental problem in software-based security is whether local security checks inserted into the code are sufficient to implement a global security property. We introduce a formalism based on a two-level linear-time temporal logic for specifying global security properties pertaining to the control-flow of the program, and illustrate its expressive power with a number of existing properties. We define a minimalistic, security-dedicated program model that only contains procedure call and run-time security checks and propose an automatic method for verifying that an implementation using local security checks satisfies a global security property. For a given formula in the temporal logic we prove that there exists a bound on the size of the states that have to be considered in order to assure the validity of the formula: this reduces the problem to finite-state model checking. Finally, we instantiate the framework to the security architecture proposed for Java (JDK 1.2).

Citations

388	Enforceable security policies - Schneider - 2000
348	Certification of programs for secure information flow - Denning, Denning - 1977
345	A sound type system for secure flow analysis - Volpano, Irvine, et al. - 1996
339	A note on the confinement problem - Lampson
315	A calculus for access control in distributed systems - Abadi, Burrows, et al. - 1993
304	The chinese wall security policy - Brewer, Nash - 1989
228	Abstract Interpretation of Reactive Systems - Dams, Gerth, et al. - 1997
174	Extensible security architectures for Java - Wallach, Balfanz, et al. - 1997
170	A type system for Java bytecode subroutines - Stata, Abadi - 1998
157	Object-Oriented Type Systems - Palsberg, Schwartzbach - 1994
137	Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2 - Gong, Mueller, et al. - 1997
126	A type-based approach to program security - Volpano, Smith - 1997
125	Property preserving abstractions for the verification of concurrent systems - Loiseaux, Graf, et al. - 1995
113	Expressing interesting properties of programs in propositional temporal logic - Wolper - 1986
100	Call graph construction in object-oriented languages - Grove, DeFouw, et al. - 1997
99	E.W.: Understanding java stack inspection - Wallach, Felten - 1998
68	Lightweight bytecode verification - Rose - 2001
65	The Formal Semantics of Programming Languages. Foundations of Computer Science Series - Winskel - 1993
60	Model checking mobile processes - Dam - 1996
57	The security of static typing with dynamic linking - Dean - 1997
56	Security properties of typed applets - Leroy, Rouaix - 1998
53	A modular, polyvariant, and type-based closure analysis - Banerjee - 1997
49	A formal specification of Java virtual machine instructions for objects, methods and subrountines - Qian - 1999
42	Proving noninterference and functional correctness using traces - McLean - 1992
40	Transaction Processing - Gray, Reuter - 1993
38	Optimality in abstractions of model checking - Cleaveland, Iyer, et al. - 1995
37	Deciding bisimulation equivalence for a class of nonfinite-state programs - Jonsson, Parrow - 1993
33	A new approach to mobile code security - Wallach - 1999
30	Semantics of Java Byte Code - Bertelsen - 1997
27	Security and dynamic class loading in Java: A formalisation - Jensen, Métayer, et al. - 1998
3	The Telescript home page. URL: http://www.genmagic - Magic - 1996
2	Java development kit 1.2. URL: http://www.javasoft.com - JavaSoft - 1998
2	Vérification de politiques de sécurité par analyse de programmes - Thorn - 1999