Affiliation:
1. IMDEA Software Institute
2. Max Planck Institute for Software Systems
Abstract
Dedicated to the memory of John C. Reynolds (1935--2013).
We present Relational Hoare Type Theory (RHTT), a novel language and verification system capable of expressing and verifying rich information flow and access control policies via dependent types. We show that a number of security policies which have been formalized separately in the literature can all be expressed in RHTT using only standard type-theoretic constructions such as monads, higher-order functions, abstract types, abstract predicates, and modules. Example security policies include conditional declassification, information erasure, and state-dependent information flow and access control. RHTT can reason about such policies in the presence of dynamic memory allocation, deallocation, pointer aliasing and arithmetic.
Funder
Ramon y Cajal
Air Force Office of Scientific Research
Seventh Framework Programme
Ministerio de Economía y Competitividad
National Science Foundation
Publisher
Association for Computing Machinery (ACM)
Cited by
39 articles.