
Mechanized Noninterference for Gradual Security

by Tianyu Chen, et al.

This paper presents the first machine-checked proof of noninterference for a language with gradual information-flow control, thereby establishing a rock-solid foundation for secure programming languages that give programmers the choice between runtime and compile-time enforcement. Along the way, we uncovered a flaw in one of the noninterference proofs in the literature and give a counterexample to one of its main lemmas. The particular language studied in this paper, λ_SEC^⋆, is based on the GLIO language of Azevedo de Amorim et al. [2020]. To make the design more accessible to other researchers, this paper contributes the first traditional semantics for the language: we define compilation from λ_SEC^⋆ to a cast calculus and design a reduction semantics for the latter that includes blame tracking. In addition to the proof of noninterference, we also mechanize proofs of type safety, determinism, and that compilation preserves types.
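To make the property the abstract is about concrete, here is an added toy model (not the paper's λ_SEC^⋆ calculus, its cast compilation, or any code from the authors) of the runtime-enforcement side of information-flow control: a constructed two-point label lattice, labeled values whose labels join under computation, a monitor that tracks a program-counter label and guards a public output channel (the LIO-style discipline that GLIO builds on), and an experimental noninterference check that runs a program under several secret inputs and asks whether a public observer sees any difference. The names `Monitor`, `Labeled`, `Blame`, `run` and `noninterferent` are all assumptions of this example. A `track_pc=False` switch deliberately disables the program-counter check so the same test exposes the implicit-flow leak an unsound monitor would allow, which is the kind of gap a proof of noninterference has to rule out.

```python
"""Toy dynamic information-flow monitor (constructed example, not the paper's
semantics): two labels, labeled values, a pc label, a guarded LOW sink, and
an experimental noninterference check over several HIGH inputs."""
from dataclasses import dataclass
from typing import Callable, List, Tuple

LOW, HIGH = 0, 1                      # constructed lattice: LOW is below HIGH
LABEL_NAME = {LOW: "LOW", HIGH: "HIGH"}


def join(a: int, b: int) -> int:
    return max(a, b)


class Blame(Exception):
    """Runtime rejection of a flow the monitor cannot show to be secure."""


@dataclass(frozen=True)
class Labeled:
    value: int
    label: int

    def _bin(self, other, op):
        # Any computation on labeled data carries the join of both labels.
        o = other if isinstance(other, Labeled) else Labeled(other, LOW)
        return Labeled(op(self.value, o.value), join(self.label, o.label))

    def __add__(self, other): return self._bin(other, lambda x, y: x + y)
    def __mul__(self, other): return self._bin(other, lambda x, y: x * y)
    def __gt__(self, other): return self._bin(other, lambda x, y: int(x > y))


class Monitor:
    """Tracks the program-counter label and guards the public output channel.
    track_pc=False models an unsound monitor that ignores implicit flows."""

    def __init__(self, track_pc: bool = True):
        self.track_pc = track_pc
        self.pc = LOW
        self.outputs: List[int] = []

    def output(self, v: Labeled) -> None:
        # Both the data and the context writing it must be LOW to reach the sink.
        lvl = join(self.pc, v.label)
        if lvl != LOW:
            raise Blame(f"refusing to write {LABEL_NAME[lvl]} data to the LOW sink")
        self.outputs.append(v.value)

    def branch(self, cond: Labeled, then_fn, else_fn) -> None:
        # Raise pc to the condition's label for the duration of the branch.
        saved = self.pc
        if self.track_pc:
            self.pc = join(self.pc, cond.label)
        try:
            (then_fn if cond.value else else_fn)(self)
        finally:
            self.pc = saved


Program = Callable[[Monitor, Labeled, Labeled], None]


def run(program: Program, secret: int, public: int,
        track_pc: bool = True) -> Tuple[Tuple[int, ...], bool]:
    """Returns (public outputs observed, whether the monitor blamed)."""
    m = Monitor(track_pc)
    try:
        program(m, Labeled(secret, HIGH), Labeled(public, LOW))
        return tuple(m.outputs), False
    except Blame:
        return tuple(m.outputs), True


def noninterferent(program: Program, public: int, secrets=(0, 1, 7, 42),
                   track_pc: bool = True) -> bool:
    """Experimental noninterference: varying only the HIGH input must not
    change anything a LOW observer can see (outputs and blame alike)."""
    results = {run(program, s, public, track_pc) for s in secrets}
    return len(results) == 1


# Three constructed programs exercised against the monitor.
def well_behaved(m, secret, public):
    m.output(public * 2)
    m.branch(public > 3, lambda m: m.output(Labeled(1, LOW)),
             lambda m: m.output(Labeled(0, LOW)))


def explicit_leak(m, secret, public):
    m.output(secret + public)          # HIGH joined with LOW is HIGH: blamed


def implicit_leak(m, secret, public):
    m.output(public)
    m.branch(secret > 0, lambda m: m.output(Labeled(1, LOW)),
             lambda m: m.output(Labeled(0, LOW)))


if __name__ == "__main__":
    for p in (well_behaved, explicit_leak, implicit_leak):
        print(p.__name__, run(p, 5, 2), "noninterferent:", noninterferent(p, 2))
    print("implicit_leak without pc tracking:", noninterferent(implicit_leak, 2, track_pc=False))
```

With the pc label tracked, all three programs are noninterferent from the observer's point of view: the leaking ones are blamed before any secret-dependent output reaches the sink, which is exactly what runtime enforcement buys. Disabling pc tracking lets `implicit_leak` emit `1` or `0` depending on the secret, and the check reports the violation.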

