English
Related papers

Related papers: Mechanized Noninterference for Gradual Security

200 papers

Languages with gradual information-flow control combine static and dynamic techniques to prevent security leaks. Gradual languages should satisfy the gradual guarantee: programs that only differ in the precision of their type annotations…

Programming Languages · Computer Science 2024-04-10 Tianyu Chen , Jeremy G. Siek

Non-interference is a semantic program property that assigns confidentiality levels to data objects and prevents illicit information flows from occurring from high to low security levels. In this paper, we present a novel security model for…

Cryptography and Security · Computer Science 2010-06-23 Mauricio Alba-Castro , María Alpuente , Santiago Escobar

Information flow type systems enforce the security property of noninterference by detecting unauthorized data flows at compile-time. However, they require precise type annotations, making them difficult to use in practice as much of the…

Programming Languages · Computer Science 2021-02-10 Abhishek Bichhawat , McKenna McCall , Limin Jia

We introduce SCIO*, a formally secure compilation framework for statically verified partial programs performing input-output (IO). The source language is an F* subset in which a verified program interacts with its IO-performing context via…

Side-channel attacks are a major threat to the security of cryptosystems. Masking is a widely used countermeasure against such attacks, but proving the security of masked algorithms is error-prone without formal verification. In this work,…

Logic in Computer Science · Computer Science 2026-05-26 Satoshi Kura , Katsuyuki Takashima

Abstracting Gradual Typing (AGT) is an approach to systematically deriving gradual counterparts to static type disciplines. The approach consists of defining the semantics of gradual types by interpreting them as sets of static types, and…

Programming Languages · Computer Science 2015-11-23 Ronald Garcia , Éric Tanter

We propose a new formal criterion for evaluating secure compilation schemes for unsafe languages, expressing end-to-end security guarantees for software components that may become compromised after encountering undefined behavior---for…

We propose a new formal criterion for secure compilation, providing strong security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion goes beyond recent proposals, which protect…

Environmental noise (e.g.heat, ionized particles, etc.) causes transient faults in hardware, which lead to corruption of stored values. Mission-critical devices require such faults to be mitigated by fault-tolerance --- a combination of…

Cryptography and Security · Computer Science 2014-10-28 Filippo Del Tedesco , David Sands , Alejandro Russo

Undefined behavior in C often causes devastating security vulnerabilities. One practical mitigation is compartmentalization, which allows developers to structure large programs into mutually distrustful compartments with clearly specified…

We give a rigorous characterization of what it means for a programming language to be memory safe, capturing the intuition that memory safety supports local reasoning about state. We formalize this principle in two ways. First, we show how…

Programming Languages · Computer Science 2018-04-10 Arthur Azevedo de Amorim , Catalin Hritcu , Benjamin C. Pierce

Quantum cryptography has been extensively studied in the last twenty years, but information-flow security of quantum computing and communication systems has been almost untouched in the previous research. Duo to the essential difference…

Cryptography and Security · Computer Science 2013-01-30 Mingsheng Ying , Yuang Feng , Nengkun Yu

SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and…

We present the first formalization and metatheory of language soundness for a user-schedulable language, the widely used array processing language Halide. User-schedulable languages strike a balance between abstraction and control in…

Programming Languages · Computer Science 2022-10-31 Alex Reinking , Gilbert Louis Bernstein , Jonathan Ragan-Kelley

Non-interference is a program property that ensures the absence of information leaks. In the context of programming languages, there exist two common approaches for establishing non-interference: type systems and program logics. Type…

Logic in Computer Science · Computer Science 2020-03-09 Dan Frumin , Robbert Krebbers , Lars Birkedal

Type soundness is an important property of modern programming languages. In this paper we explore the idea that "well-typed languages are sound": the idea that the appropriate typing discipline over language specifications guarantees that…

Programming Languages · Computer Science 2016-11-17 Matteo Cimini , Dale Miller , Jeremy G. Siek

Notions of guardedness serve to delineate admissible recursive definitions in various settings in a compositional manner. In recent work, we have introduced an axiomatic notion of guardedness in symmetric monoidal categories, which serves…

Logic in Computer Science · Computer Science 2021-05-25 Sergey Goncharov , Christoph Rauch , Lutz Schröder

The gradual guarantee is an important litmus test for gradually typed languages, that is, languages that enable a mixture of static and dynamic typing. The gradual guarantee states that changing the precision of a type annotation does not…

Programming Languages · Computer Science 2024-12-05 Jeremy G. Siek

Go is an increasingly-popular systems programming language targeting, especially, concurrent and distributed systems. Go differentiates itself from other imperative languages by offering structural subtyping and lightweight concurrency…

Programming Languages · Computer Science 2021-05-31 Felix A. Wolf , Linard Arquint , Martin Clochard , Wytse Oortwijn , João C. Pereira , Peter Müller

Noninterference is a popular semantic security condition because it offers strong end-to-end guarantees, it is inherently compositional, and it can be enforced using a simple security type system. Unfortunately, it is too restrictive for…

Cryptography and Security · Computer Science 2021-01-14 Ethan Cecchetti , Andrew C. Myers , Owen Arden
‹ Prev 1 2 3 10 Next ›