IRIS

Modern software systems are commonly programmed in multiple languages. Research into the security and correctness of such multi-language programs has generally relied on static methods that check both the individual components as well as the interoperation between them. In practice, however, components are sometimes linked in at run-time through malicious means. In this paper we introduce a technique to specify operational semantics that securely combine an abstraction-rich language with a model of an arbitrary attacker, without relying on any static checks. The resulting operational semantics, instead, lifts a proven memory isolation mechanism into the resulting multi-language system. We establish the security benefits of our technique by proving that the obtained multi-language system preserves and reflects the equivalences of the abstraction-rich language. To that end a notion of bisimilarity for this new type of multi-language system is developed. © 2014 ACM.

Operational semantics for secure interoperation / Larmuseau, A.; Patrignani, M.; Clarke, D.. - (2014), pp. 40-52. (Intervento presentato al convegno 9th Workshop on Programming Languages and Analysis for Security, PLAS 2014 tenutosi a Uppsala, swe nel 2014) [10.1145/2637113.2637118].

Operational semantics for secure interoperation

Patrignani M.;
2014-01-01

Abstract

Modern software systems are commonly programmed in multiple languages. Research into the security and correctness of such multi-language programs has generally relied on static methods that check both the individual components as well as the interoperation between them. In practice, however, components are sometimes linked in at run-time through malicious means. In this paper we introduce a technique to specify operational semantics that securely combine an abstraction-rich language with a model of an arbitrary attacker, without relying on any static checks. The resulting operational semantics, instead, lifts a proven memory isolation mechanism into the resulting multi-language system. We establish the security benefits of our technique by proving that the obtained multi-language system preserves and reflects the equivalences of the abstraction-rich language. To that end a notion of bisimilarity for this new type of multi-language system is developed. © 2014 ACM.
2014
Proceedings of the 9th Workshop on Programming Languages and Analysis for Security, PLAS 2014
uppsala sweden
Association for Computing Machinery
9781450328623
2-s2.0-84907409981
Larmuseau, A.; Patrignani, M.; Clarke, D.
Operational semantics for secure interoperation / Larmuseau, A.; Patrignani, M.; Clarke, D.. - (2014), pp. 40-52. (Intervento presentato al convegno 9th Workshop on Programming Languages and Analysis for Security, PLAS 2014 tenutosi a Uppsala, swe nel 2014) [10.1145/2637113.2637118].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/337711
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? ND
social impact