Visible to the public System M: A Program Logic for Code Sandboxing and IdentificationConflict Detection Enabled

TitleSystem M: A Program Logic for Code Sandboxing and Identification
Publication TypeUnpublished
Year of Publication2015
AuthorsLimin Jia, Shayak Sen, Deepak Garg, Anupam Datta
KeywordsApr'15, CMU

Security-sensitive applications that execute untrusted code often check the code's integrity by comparing its syntax to a known good value or sandbox the code to contain its effects. System M is a new program logic for reasoning about such security-sensitive applications. System M extends Hoare Type Theory (HTT) to trace safety properties and, additionally, contains two new reasoning principles. First, its type system internalizes logical equality, facilitating reasoning about applications that check code integrity. Second, a con- finement rule assigns an effect type to a computation based solely on knowledge of the computation's sandbox. We prove the soundness of System M relative to a step-indexed trace-based semantic model. We illustrate both new reasoning principles of System M by verifying the main integrity property of the design of Memoir, a previously proposed trusted computing system for ensuring state continuity of isolated security-sensitive applications.

Citation Keynode-30186

Other available formats:

Jia_System_M_AD.pdfPDF document449.47 KBDownloadPreview