
BCiC: A System for Code Authentication and Verification

  • Conference paper
Logic for Programming, Artificial Intelligence, and Reasoning (LPAR 2005)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 3452)


Abstract

We present BCiC, a system for verifying and authenticating code that combines language-based proof methods with public-key digital signatures. BCiC aims to augment the rigor of formal proofs about intrinsic properties of code by relying on authentication and trust relations. BCiC integrates the Binder security language with the Calculus of (Co)Inductive Constructions (CiC). In this respect, it is a descendant of our previous logic BLF, which was based on LF rather than CiC. This paper focuses on the architecture and implementation of BCiC. In addition to a logical inference engine, the design most notably includes a network communication module for the efficient exchange of logical facts between hosts, and a cryptography module for generating and checking signatures. The implementation cooperates with the Open Verifier, a state-of-the-art system for proof-carrying code with modular checkers.


References

  1. Appel, A.W.: Foundational proof-carrying code. In: Proceedings of the 16th Annual Symposium on Logic in Computer Science, June 2001, pp. 247–258 (2001)

  2. Appel, A.W., Felten, E.W.: Proof-carrying authentication. In: Proceedings of the 5th ACM Conference on Computer and Communications Security, pp. 52–62 (November 1999)

  3. Appel, A.W., Felty, A.P.: A semantic model of types and machine instructions for proof-carrying code. In: Proceedings of the 27th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 243–253 (January 2000)

  4. Bauer, L., Schneider, M.A., Felten, E.W.: A general and flexible access-control system for the Web. In: Proceedings of the 11th USENIX Security Symposium 2002, pp. 93–108 (2002)

  5. Bertot, Y., Castéran, P.: Interactive Theorem Proving and Program Development. Springer, Heidelberg (2004)

  6. Chang, B.-Y.E., Chlipala, A., Necula, G.C., Schneck, R.R.: The Open Verifier framework for foundational verifiers. In: Proceedings of the 2005 ACM SIGPLAN International Workshop on Types in Language Design and Implementation (TLDI), pp. 1–12 (2005)

  7. Chen, W., Warren, D.S.: Tabled evaluation with delaying for general logic programs. Journal of the ACM 43(1), 20–74 (1996)

  8. Coquand, T., Huet, G.: The calculus of constructions. Information and Computation 76(2/3), 95–120 (1988)

  9. Demers, A., Greene, D., Hauser, C., Irish, W., Larson, J., Shenker, S., Sturgis, H., Swinehart, D., Terry, D.: Epidemic algorithms for replicated database maintenance. In: Proceedings of the Sixth Symposium on Principles of Distributed Computing, August 1987, pp. 1–12 (1987)

  10. DeTreville, J.: Binder, a logic-based security language. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, May 2002, pp. 105–113 (2002)

  11. ECMA: Standard ECMA-335: Common Language Infrastructure (December 2001), available on-line at: http://msdn.microsoft.com/net/ecma/

  12. Girard, J.-Y., Taylor, P., Lafont, Y.: Proofs and Types. Cambridge University Press, Cambridge (1990), http://nick.dcs.qmul.ac.uk/pt/stable/Proofs+Types.html

  13. Harper, R., Honsell, F., Plotkin, G.: A framework for defining logics. Journal of the ACM 40(1), 143–184 (1993)

  14. Holliday, J., Steinke, R.C., Agrawal, D., Abbadi, A.E.: Epidemic algorithms for replicated databases. IEEE Transactions on Knowledge and Data Engineering 15(5), 1218–1238 (2003)

  15. Lange, S., LaMacchia, B., Lyons, M., Martin, R., Pratt, B., Singleton, G.: .NET Framework Security. Addison-Wesley, Reading (2002)

  16. Lee, E., Appel, A.W.: Policy-enforced linking of untrusted components. In: Proceedings of the 11th ACM SIGSOFT Symposium on Foundations of Software Engineering, September 2003, pp. 371–374 (2003)

  17. Lindholm, T., Yellin, F.: The Java Virtual Machine Specification. Addison-Wesley, Reading (1997)

  18. Necula, G.C.: Proof-carrying code. In: Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 1997), pp. 106–119 (1997)

  19. Necula, G.C., Schneck, R.R.: A sound framework for untrusted verification-condition generators. In: Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science, July 2003, pp. 248–260 (2003)

  20. Rao, P., Sagonas, K., Swift, T., Warren, D.S., Freire, J.: XSB: A system for efficiently computing well-founded semantics. In: Dix, J., Furbach, U., Nerode, A. (eds.) LPNMR 1997. LNCS, vol. 1265, pp. 430–440. Springer, Heidelberg (1997)

  22. Whitehead, N., Abadi, M., Necula, G.: By reason and authority: A system for authorization of proof-carrying code. In: Proceedings of the 17th IEEE Computer Security Foundations Workshop, June 2004, pp. 236–250 (2004)

Author information

Authors: Whitehead, N., Abadi, M.

Editor information

Editors: Baader, F., Voronkov, A.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Whitehead, N., Abadi, M. (2005). BCiC: A System for Code Authentication and Verification. In: Baader, F., Voronkov, A. (eds) Logic for Programming, Artificial Intelligence, and Reasoning. LPAR 2005. Lecture Notes in Computer Science, vol 3452. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-32275-7_8


  • DOI: https://doi.org/10.1007/978-3-540-32275-7_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25236-8

  • Online ISBN: 978-3-540-32275-7
