Abstract
We extend the range of security policies that can be guaranteed with proof-carrying code from the classical type safety, control safety, memory safety, and space/time guarantees to more general security policies, such as general resource and access control. We do so by means of (1) a specification logic for security policies, which is the past-time fragment of LTL, and (2) a synthesis algorithm generating reference monitor code and accompanying proof objects from formulae of the specification logic. To evaluate the feasibility of our approach, we developed a prototype implementation producing proofs in Isabelle/HOL.
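The abstract describes a synthesis step that turns a past-time LTL formula into reference-monitor code. As an added illustration, not the paper's own code (the paper's synthesis algorithm and its Isabelle/HOL proof objects are not reproduced here), the Python below compiles a past-time LTL formula into a flat table of per-step update rules, the state machine a generated monitor would execute, using the standard two-state recursion for the past operators (previous, since, once, historically). The AST constructors, the policy atoms `read_secret`, `send`, `open`, `close`, `write`, the two example policies and the event traces are all constructed for this example and are not from the paper.

```python
"""Past-time LTL reference monitors synthesized from a formula (added example).

Every subformula gets a slot in a state vector; at each event the slots are
recomputed in dependency order from the event and the previous step's values.
This is the classical two-state scheme for past-time LTL, not the paper's algorithm.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Set, Tuple, Union


# --- formula syntax (assumed AST; the paper's concrete syntax is not on the page)
@dataclass(frozen=True)
class Atom:
    name: str                      # event proposition, e.g. "send"

@dataclass(frozen=True)
class Const:
    value: bool

@dataclass(frozen=True)
class Not:
    f: "Formula"

@dataclass(frozen=True)
class And:
    f: "Formula"
    g: "Formula"

@dataclass(frozen=True)
class Prev:
    f: "Formula"                   # Y f: f held at the previous step (false at step 0)

@dataclass(frozen=True)
class Since:
    f: "Formula"                   # f S g: g held at some past step (or now) and f ever since
    g: "Formula"

Formula = Union[Atom, Const, Not, And, Prev, Since]

def Or(f: Formula, g: Formula) -> Formula:
    return Not(And(Not(f), Not(g)))

def Implies(f: Formula, g: Formula) -> Formula:
    return Or(Not(f), g)

def Once(f: Formula) -> Formula:          # O f = true S f
    return Since(Const(True), f)

def Historically(f: Formula) -> Formula:  # H f = not O (not f)
    return Not(Once(Not(f)))


class Monitor:
    """The 'synthesized' monitor: a table of update rules plus a boolean state vector."""

    def __init__(self, formula: Formula) -> None:
        self.table: List[Tuple] = []           # rule i computes slot i from earlier slots
        self.index: Dict[Formula, int] = {}    # shares slots between identical subformulas
        self.root = self._compile(formula)
        self.prev = [False] * len(self.table)  # before the first step nothing has held

    def _compile(self, f: Formula) -> int:
        if f in self.index:
            return self.index[f]
        if isinstance(f, Atom):
            rule: Tuple = ("atom", f.name)
        elif isinstance(f, Const):
            rule = ("const", f.value)
        elif isinstance(f, Not):
            rule = ("not", self._compile(f.f))
        elif isinstance(f, And):
            rule = ("and", self._compile(f.f), self._compile(f.g))
        elif isinstance(f, Prev):
            rule = ("prev", self._compile(f.f))
        elif isinstance(f, Since):
            rule = ("since", self._compile(f.f), self._compile(f.g))
        else:
            raise TypeError(f"unknown formula node: {f!r}")
        self.table.append(rule)
        self.index[f] = len(self.table) - 1
        return self.index[f]

    def step(self, event: Set[str]) -> bool:
        """Consume one event (the set of propositions true now); return the verdict."""
        now = [False] * len(self.table)
        for i, rule in enumerate(self.table):
            op = rule[0]
            if op == "atom":
                now[i] = rule[1] in event
            elif op == "const":
                now[i] = rule[1]
            elif op == "not":
                now[i] = not now[rule[1]]
            elif op == "and":
                now[i] = now[rule[1]] and now[rule[2]]
            elif op == "prev":
                now[i] = self.prev[rule[1]]
            elif op == "since":   # g now, or (f now and "f S g" held at the previous step)
                now[i] = now[rule[2]] or (now[rule[1]] and self.prev[i])
        self.prev = now
        return now[self.root]


def check_trace(policy: Formula, trace: Iterable[Set[str]]) -> List[bool]:
    """Verdict of the policy at every step of the trace."""
    m = Monitor(policy)
    return [m.step(set(e)) for e in trace]

def first_violation(policy: Formula, trace: Iterable[Set[str]]) -> Optional[int]:
    """Index of the first event a reference monitor would have to block, or None."""
    for i, ok in enumerate(check_trace(policy, trace)):
        if not ok:
            return i
    return None


# --- constructed policies and traces (not from the paper)
READ_SECRET, SEND, OPEN, CLOSE, WRITE = (Atom(n) for n in ("read_secret", "send", "open", "close", "write"))
# a send is allowed only if no secret has been read so far (access-control flavour)
NO_LEAK = Implies(SEND, Historically(Not(READ_SECRET)))
# a write is allowed only inside a session: an open happened and no close since (resource flavour)
SESSION = Implies(WRITE, Since(Not(CLOSE), OPEN))

LEAK_TRACE = [{"open"}, {"send"}, {"read_secret"}, {"send"}]
SESSION_TRACE = [{"open"}, {"write"}, {"close"}, {"write"}, {"open", "write"}]

if __name__ == "__main__":
    print("NO_LEAK :", check_trace(NO_LEAK, LEAK_TRACE), "first violation at", first_violation(NO_LEAK, LEAK_TRACE))
    print("SESSION :", check_trace(SESSION, SESSION_TRACE), "first violation at", first_violation(SESSION, SESSION_TRACE))
```

The table produced by `Monitor._compile` is the part a code generator would emit as straight-line code: one assignment per subformula, with `prev`/`since` slots as the only state carried between steps, so the monitor runs in constant space per event and the update rules are exactly the lemmas a proof object would have to justify.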
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Winwood, S., Klein, G., Chakravarty, M.M.T. (2007). On the Automated Synthesis of Proof-Carrying Temporal Reference Monitors. In: Puebla, G. (eds) Logic-Based Program Synthesis and Transformation. LOPSTR 2006. Lecture Notes in Computer Science, vol 4407. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71410-1_9
DOI: https://doi.org/10.1007/978-3-540-71410-1_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71409-5
Online ISBN: 978-3-540-71410-1
eBook Packages: Computer Science (R0)