a verified information flow architecture
play

A Verified Information-Flow Architecture Arthur Azevedo de Amorim, - PowerPoint PPT Presentation

Nov 30, 2022 •606 likes •1.69k views

A Verified Information-Flow Architecture Arthur Azevedo de Amorim, Nathan Collins, Andr DeHon, Delphine Demange, C at alin Hri tcu, David Pichardie, Benjamin Pierce, Randy Pollack, Andrew T olmach January 2014 1 What if we could

  1. Abstract Machine IFC side-conditions symbolically represented by Refined by Symbolic-Rule Machine IFC Rules Correctly Refined by compiled to Concrete Machine Fault Handler 25

  2. Abstract Machine IFC side-conditions symbolically represented by Refined by Symbolic-Rule Machine IFC Rules Combine hit and miss simulation lemmas Correctly Refined by compiled to Concrete Machine Fault Handler 25

  3. Symbolic Rule T able Instruction Result Label Add LAB 1 ⊔ LAB 2 Output LAB 1 . . . . . . if the current instruction is 26

  4. Symbolic Rule T able Instruction Result Label Add LAB 1 ⊔ LAB 2 Output LAB 1 . . . . . . label the result with 26

  5. Symbolic Rule T able Instruction Result Label Add LAB 1 ⊔ LAB 2 Output LAB 1 . . . . . . for Add , result is as secret as operands 26

  6. Symbolic Rule T able Instruction Result Label Add LAB 1 ⊔ LAB 2 Output LAB 1 . . . . . . for Output , use same label 26

  7. Handler Implementation and Verification 27

  8. Structured-Code Generators Structured programming instead of assembly programming ❼ Define structured-code generators as Coq functions ❼ Generators provide a structured language for the machine ( if , case , and , or , while , . . . ) ❼ Prove Hoare-logic rules for each generator 28

  9. Compiling IFC Rules Write a rule table compiler in Coq ❼ Use generators as a backend ❼ Parameterized over correct implementation of lattice primitives ❼ Compose Hoare triples to show compiler correctness 29

  10. Algorithm ❼ Fetch instruction and operand tags from faulting context ❼ Compute the result tag from this data using compiled rule table ❼ Install computed line into the cache Proven correct by composing compiler lemma with triples for the glue code 30

  11. NI Abstract Machine IFC side- conditions Refined by symbolically represented by Symbolic-Rule Machine IFC Rules Refined by Correctly compiled to Concrete Machine Fault Handler NI 31

  12. NI Abstract Machine IFC side- conditions Refined by symbolically represented by Preserved Symbolic-Rule Machine IFC Rules Refined by Correctly compiled to Concrete Machine Fault Handler NI 31

  13. What Else? 32

  14. More in the Paper Complete model includes more features ❼ Control flow and user-level procedures ❼ Block-structured memory with dynamic allocation ❼ System calls for implementing new IFC primitives ❼ Richer IFC labels (sets of principals represented as pointers to memory arrays) 33

  15. ❼ ❼ ❼ ❼ Addressed Challenges ❼ Track implicit flows 34

  16. ❼ ❼ ❼ Addressed Challenges ❼ Track implicit flows ❼ Allocation and noninterference 34

  17. ❼ ❼ Addressed Challenges ❼ Track implicit flows ❼ Allocation and noninterference ❼ Pointer values could leak secrets 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Information Flow Framework: New Architecture Robert E. Kent CT 2006 Philosophy cannot

The Information Flow Framework: New Architecture Robert E. Kent CT 2006 Philosophy cannot

The Information Flow Framework: New Architecture Robert E. Kent CT 2006 Philosophy cannot become scientifically healthy without an im- mense technical vocabulary. We can hardly imagine our great- grandsons turning over the leaves of this

586 views • 26 slides
Flow++: Improving Flow-Based Generative Models with Variational Dequantization and Architecture

Flow++: Improving Flow-Based Generative Models with Variational Dequantization and Architecture

Flow++: Improving Flow-Based Generative Models with Variational Dequantization and Architecture Design Jonathan Ho*, Xi Chen*, Aravind Srinivas, Yan Duan, Pieter Abbeel Overview - Goal: likelihood-based model with Fast sampling and training -

363 views • 11 slides
May 15: Information Flow and Confinement Information flow for integrity policies Examples

May 15: Information Flow and Confinement Information flow for integrity policies Examples

May 15: Information Flow and Confinement Information flow for integrity policies Examples of information flow controls Android phone Firewalls Confinement Virtual machines May 15, 2017 ECS 235B Spring Quarter 2017 Slide

487 views • 32 slides
Information flow control 1 D. Denning and P. Denning Certification of Programs for Secure

Information flow control 1 D. Denning and P. Denning Certification of Programs for Secure

Secure Architecture Principles Information flow control 1 D. Denning and P. Denning Certification of Programs for Secure Information Flow (CACM 1976) Review Access Control Discretionary access control (DAC) Philosophy: users have

321 views • 16 slides
Decompilation is an information-flow problem (Or, information flow meets program transformation)

Decompilation is an information-flow problem (Or, information flow meets program transformation)

Decompilation is an information-flow problem (Or, information flow meets program transformation) Boris Feigin Computer Laboratory, University of Cambridge PLID 2008 joint work with Alan Mycroft 1 / 22 Motivation Given suitable tools we

605 views • 33 slides
Disclaimer The information contained in this presentation has not been independently verified and

Disclaimer The information contained in this presentation has not been independently verified and

Disclaimer The information contained in this presentation has not been independently verified and this presentation contains various forward-looking statements that reflect managements current views with respect to future events and financial

706 views • 31 slides
IP Flow Information eXport IP Flow Information eXport (IPFIX) (IPFIX)

IP Flow Information eXport IP Flow Information eXport (IPFIX) (IPFIX)

IP Flow Information eXport IP Flow Information eXport (IPFIX) (IPFIX) elisa.boschi@hitachi-eu.com {boschi, zseby, mark, hirsch}@fokus.fraunhofer.de Outline Outline IPFIX Terminology Applicability Initial Goals

212 views • 19 slides
55:035 Computer Architecture and Organization Lecture 11 Outline Interrupts Program Flow

55:035 Computer Architecture and Organization Lecture 11 Outline Interrupts Program Flow

55:035 Computer Architecture and Organization Lecture 11 Outline Interrupts Program Flow Multiple Interrupts Nesting IO Architecture Bus Types Transfer Methods Disks Disk Arrays 55:035 Computer

708 views • 49 slides
Towards a Flow- and Path-Sensitive Information Flow Analysis Peixuan Li, Danfeng Zhang

Towards a Flow- and Path-Sensitive Information Flow Analysis Peixuan Li, Danfeng Zhang

Towards a Flow- and Path-Sensitive Information Flow Analysis Peixuan Li, Danfeng Zhang Pennsylvania State University University Park, PA, USA {pzl129,zhang}@cse.psu.edu Background: Information Flow Analysis o Security enforcement to prevent

379 views • 24 slides
Verified Cyber-Physical Systems [FM11] 2 Verified Cyber-Physical Systems x l x j

Verified Cyber-Physical Systems [FM11] 2 Verified Cyber-Physical Systems x l x j

Differential Refinement Logic Sarah M. Loos and Andr Platzer Computer Science Department Carnegie Mellon University 1 Verified Cyber-Physical Systems [FM11] 2 Verified Cyber-Physical Systems x l x j p x k x i

1.97k views • 179 slides
Flow Networks Flow Network: - digraph - weights, called capacities on edges - two

Flow Networks Flow Network: - digraph - weights, called capacities on edges - two

M AXIMUM F LOW How to do it... Why you want it... Where you find it... The Tao of Flow: Let your body go with the flow. -Madonna, Vogue Maximum flow...because youre worth it. -Loreal Go with the flow, Joe.

619 views • 20 slides
Quantifying Information is a fundamental issue in computer security: Flow Using Min-Entropy

Quantifying Information is a fundamental issue in computer security: Flow Using Min-Entropy

Secure Information Flow ! Protecting the confidentiality of secret information Quantifying Information is a fundamental issue in computer security: Flow Using Min-Entropy Blood type: AB Birth date: 9/5/46 HIV: positive ! Access control and

399 views • 10 slides
Verified Volunteers Verified Volunteers New Volunteer Screening Coordinator Irene Lazarus

Verified Volunteers Verified Volunteers New Volunteer Screening Coordinator Irene Lazarus

From the office of Texas Conference of SDA Human Resources ___________________________________ Verified Volunteers Verified Volunteers New Volunteer Screening Coordinator Irene Lazarus She will be working with every church and

279 views • 5 slides
Lecture 19: Flow and Confinement Examples of information flow applications The confinement

Lecture 19: Flow and Confinement Examples of information flow applications The confinement

Lecture 19: Flow and Confinement Examples of information flow applications The confinement problem Covert channels Isolation: virtual machines, sandboxes March 2, 2009 ECS 235B, Winter Quarter 2009 Slide #19-1 Matt Bishop, UC

322 views • 30 slides
Lollipop MR1 Verified Boot Andrew Boie Open Source Technology Center Intel Corporation Agenda

Lollipop MR1 Verified Boot Andrew Boie Open Source Technology Center Intel Corporation Agenda

Lollipop MR1 Verified Boot Andrew Boie Open Source Technology Center Intel Corporation Agenda What is Verified Boot? Description of Verified Boot Components Q&A What Is Verified Boot? Verified Boot establishes a chain of

432 views • 19 slides
ModelPlex: Verified Runtime Monitors and Verified Test Oracles for Safety of Cyber-Physical

ModelPlex: Verified Runtime Monitors and Verified Test Oracles for Safety of Cyber-Physical

ModelPlex: Verified Runtime Monitors and Verified Test Oracles for Safety of Cyber-Physical Systems Stefan Mitsch Computer Science Department, Carnegie Mellon University CPS V&V I&F Workshop 2017 May 12, 2017 joint work with Andr e

537 views • 31 slides
Separation of cliques and stable sets Nicolas Bousquet Aur elie Lagoutte St ephan

Separation of cliques and stable sets Nicolas Bousquet Aur elie Lagoutte St ephan

Clique-Stable set separation Alon-Saks-Seymour Conjecture Constraint satisfaction problem Prospects Separation of cliques and stable sets Nicolas Bousquet Aur elie Lagoutte St ephan Thomass e eminaire AlGCo 1 S 1. Slides by

996 views • 70 slides
Bitonic st -orderings for Upward Planar Graphs Martin Gronemann University of Cologne, Germany

Bitonic st -orderings for Upward Planar Graphs Martin Gronemann University of Cologne, Germany

Bitonic st -orderings for Upward Planar Graphs Martin Gronemann University of Cologne, Germany September 20, 2016 Introduction Graph Drawing 2014 Bitonic st-orderings of biconnected planar graphs. A special st -ordering that is similar

729 views • 44 slides
Applications of gluing constructions in General Relativity Daniel Pollack University of

Applications of gluing constructions in General Relativity Daniel Pollack University of

Applications of gluing constructions in General Relativity Daniel Pollack University of Washington From Geometry to Numerics Institut Henri Poincar e (IHP) Paris, France Based on joint work with Piotr Chru sciel, James Isenberg and Rafe

310 views • 16 slides
Numerical Computation of StarkHegner points in higher level Xevi Guitart 1 Marc Masdeu 2 1 Max

Numerical Computation of StarkHegner points in higher level Xevi Guitart 1 Marc Masdeu 2 1 Max

Numerical Computation of StarkHegner points in higher level Xevi Guitart 1 Marc Masdeu 2 1 Max Planck Institute/U. Politcnica de Catalunya 2 Columbia University Rational points on curves: A p -adic and computational perspective Mathematical

312 views • 16 slides
Brandt Elementary Back to School Night Principal Charles Bartlett Vice Principal Jack Baker

Brandt Elementary Back to School Night Principal Charles Bartlett Vice Principal Jack Baker

Brandt Elementary Back to School Night Principal Charles Bartlett Vice Principal Jack Baker SEPTEMBER 24, 2019 Three People You Need To Know Health Services - Mrs. Filomena Konopka, RN fkonopka@hoboken.k12.nj.us Guidance Counselor - Mrs.

166 views • 15 slides
Compositionality in Semantic Vector Spaces CS224U: Natural Language Understanding Feb. 28, 2012

Compositionality in Semantic Vector Spaces CS224U: Natural Language Understanding Feb. 28, 2012

Compositionality in Semantic Vector Spaces CS224U: Natural Language Understanding Feb. 28, 2012 Richard Socher Joint work with Chris Manning, Andrew Ng Jeffrey Pennington, Eric Huang and Cliff Lin More information and code at www.socher.org 1

899 views • 53 slides
Automatic Generation of Compact Printable Shellcodes For x86 WOOT 20 Dhrumil Patel Aditya

Automatic Generation of Compact Printable Shellcodes For x86 WOOT 20 Dhrumil Patel Aditya

Automatic Generation of Compact Printable Shellcodes For x86 WOOT 20 Dhrumil Patel Aditya Basu Anish Mathuria August 11, 2020 Outline Introduction Currently used Algorithms Motivation Printable Shellcode Compiler ( psc ) Results

578 views • 18 slides
Belief - Desire - Intention (BDI) Model BDI Introduction, Applications and Analyses Massimo

Belief - Desire - Intention (BDI) Model BDI Introduction, Applications and Analyses Massimo

MIN Faculty Department of Informatics Belief - Desire - Intention (BDI) Model BDI Introduction, Applications and Analyses Massimo Innocentini University of Hamburg Faculty of Mathematics, Informatics and Natural Sciences Department of

636 views • 25 slides

More recommend