DeepAI AI Chat
Log In Sign Up

VST-Flow: Fine-grained low-level reasoning about real-world C code

by   Samuel Gruetter, et al.

We show how support for information-flow security proofs could be added on top of the Verified Software Toolchain (VST). We discuss several attempts to define information flow security in a VST-compatible way, and present a statement of information flow security in "continuation-passing" style. Moreover, we present Hoare rules augmented with information flow control assertions, and sketch how these rules could be proven sound with respect to the definition given before. We also discuss how this can be implemented in the Coq proof assistant, and how VST's proof automation framework (VST-Floyd) can be adapted to support convenient information flow security proofs.


page 1

page 2

page 3

page 4


LIO*: Low Level Information Flow Control in F*

We present Labeled Input Output in F* (LIO*), a verified framework that ...

Tiny-CFA: A Minimalistic Approach for Control-Flow Attestation Using Verified Proofs of Execution

The design of tiny trust anchors has received significant attention over...

First-Order Logic for Flow-Limited Authorization

We present the Flow-Limited Authorization First-Order Logic (FLAFOL), a ...

First-order Gradual Information Flow Types with Gradual Guarantees

Gradual type systems seamlessly integrate statically-typed programs with...

IFCIL: An Information Flow Configuration Language for SELinux (Extended Version)

Security Enhanced Linux (SELinux) is a security architecture for Linux i...

IOLLVM: enhance version of OLLVM

Code obfuscation increases the difficulty of understanding programs, imp...

Agile Network Access Control in the Container Age

Linux Containers, such as those managed by Docker, are an increasingly p...