DOI: 10.1145/2851613.2851796

Implementing a secure abstract machine

Published: 04 April 2016

Abstract

Abstract machines are both theoretical models used to study language properties and practical models of language implementations. As with all language implementations, abstract machines are subject to security violations by the context in which they reside. This paper presents the implementation of an abstract machine for ML that preserves the abstractions of ML, in possibly malicious, low-level contexts. To guarantee this security result, we make use of a low-level memory isolation mechanism and derive the formalisation of the machine through a methodology, whose every step is accompanied by formal properties that ensure that the step has been carried out properly. We provide an implementation of the abstract machine and analyse its performance.


Cited By

  • (2022) Two Parametricities Versus Three Universal Types. ACM Transactions on Programming Languages and Systems, 44(4):1-43. DOI: 10.1145/3539657. Online publication date: 21 Sep 2022.
  • (2019) Formal Approaches to Secure Compilation. ACM Computing Surveys, 51(6):1-36. DOI: 10.1145/3280984. Online publication date: 4 Feb 2019.
  • (2017) Parametricity versus the universal type. Proceedings of the ACM on Programming Languages, 2(POPL):1-23. DOI: 10.1145/3158126. Online publication date: 27 Dec 2017.

Published In

SAC '16: Proceedings of the 31st Annual ACM Symposium on Applied Computing
April 2016
2360 pages
ISBN:9781450337397
DOI:10.1145/2851613
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. abstract machine
  2. memory protection

Qualifiers

  • Research-article

Conference

SAC 2016
SAC 2016: Symposium on Applied Computing
April 4 - 8, 2016
Pisa, Italy

Acceptance Rates

SAC '16 Paper Acceptance Rate 252 of 1,047 submissions, 24%;
Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Article Metrics

  • Downloads (Last 12 months)4
  • Downloads (Last 6 weeks)0
Reflects downloads up to 07 Mar 2025
