Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Composition of Untrusted Code: Wrappers and Causality Types Kyle Taylor.

Published byColleen Collins Modified over 8 years ago

Similar presentations

Presentation on theme: "Secure Composition of Untrusted Code: Wrappers and Causality Types Kyle Taylor."— Presentation transcript:

1 Secure Composition of Untrusted Code: Wrappers and Causality Types Kyle Taylor

2 Introduction

3 Calculus Vs. Logic Vs. Algebra Calculus – Branch of mathematics that studies continuously changing properties – Characterized by the use of infinite processes, involving passage to a limit Logic – Systematic study of valid inference – Necessitates a distinction between logical validity and truth Algebra – Branch of mathematics concerned with operations on sets – Find solutions to systems of equations

4 Pi Calculus Generalization of Calculus of Communicating Systems(CCS) Contains two entities – Processes – Channels Processes interact by by synchronous rendezvous on channels Basic Lotos is a combination of CCS and CSP

5 Boxed pi Calculus Based on unordered asynchronous message passing Turning Complete Includes a boxing primitive – Communication across box boundaries is strictly limited Process terms can not be placed on the channel No primitives for the movement of boxes It is untyped

6 Syntax Names – All combination of letters except reserved letters Values and Patterns – Values u, v u ::= x v ::= – Pattern p p ::= _ p ::= x p ::=

7 Syntax Continued Process P – P ::= n[P] – P ::= P | P’ – P ::= x o v – P ::= x i p.P – P ::= !x i p.P – P ::= (v x) P Input tag i and output tag o can be *,, n

8 Semantics Operational Semantics – describes the meaning of a programming language by specifying how it executes on an abstract machine Reduction Semantics – Defines the internal computation of the processes Labeled semantics – Inductively defined on process structure by a structural operational semantics (SOS)

9 Filtering Example alice[P] | !in alice x | !out alice x | !net alice x W 1 (_) def = (v a)( a[_] | B ) – B =!in x.in a x | !out a x.out x W 1 prevents Q from accessing the network Assumes P=0 and Q=in x.net x

10 Filtering Example Continued in alice y | alice [P | W 1 (Q)] in alice y | alice[(v a)(a[Q] | B)] alice[in y | (v a)(a[Q] | B)] alice[(v a)(in y | a[Q] | B)] alice[(v a)(in a y | a[Q] | B)] alice[(v a)(a[in y | Q] | B)] alice[(v a)(a[net y] | B)] alice[(v a)(net a y | a[0] | B)]

11 Unidirectional-flow Wrapper Provides ordered asynchronous communication Eliminates the awkwardness of only using only unordered asynchronous communication while ensuring casual independence Necessitates the maintaining of an unbounded buffer

12 Colouring and Causal Flow The box pi calculus is extended to handle coloring Output processes are annotated with the sets of colours that record their histories – The sets of principles that have effected them in the past Very simple colouring that only captures a limited amount of causality information

13 Causality Types The type system statically captures causal flows A wrapper can be shown to satisfy the causal flow property simply by checking that it is well- typed

14 Discussion Wrappers impose security policies on components for which it is impractical to analyze the internal structure Alternative policies – Java style sand boxing – Code signing

15 Conclusions Provided techniques for proving that software wrappers enforce user specified flow constraints Security is solely a function of causality

Download ppt "Secure Composition of Untrusted Code: Wrappers and Causality Types Kyle Taylor."

Similar presentations

Programming in Occam-pi: A Tutorial By: Zain-ul-Abdin

Programming in Occam-pi: A Tutorial By: Zain-ul-Abdin
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
1 Reversibility for Recoverability Ivan Lanese Computer Science Department FOCUS research group University of Bologna/INRIA Bologna, Italy.

1 Reversibility for Recoverability Ivan Lanese Computer Science Department FOCUS research group University of Bologna/INRIA Bologna, Italy.
Software Failure: Reasons Incorrect, missing, impossible requirements * Requirement validation. Incorrect specification * Specification verification. Faulty.

Software Failure: Reasons Incorrect, missing, impossible requirements * Requirement validation. Incorrect specification * Specification verification. Faulty.
© Janice Regan 2004 1 Problem-Solving Process 1. State the Problem (Problem Specification) 2. Analyze the problem: outline solution requirements and design.

© Janice Regan Problem-Solving Process 1. State the Problem (Problem Specification) 2. Analyze the problem: outline solution requirements and design.
The P-Calculus Supratik Mukhopadhyay PEMWS-2 April 6 th 2011.

The P-Calculus Supratik Mukhopadhyay PEMWS-2 April 6 th 2011.
7th Biennial Ptolemy Miniconference Berkeley, CA February 13, 2007 Causality Interfaces for Actor Networks Ye Zhou and Edward A. Lee University of California,

7th Biennial Ptolemy Miniconference Berkeley, CA February 13, 2007 Causality Interfaces for Actor Networks Ye Zhou and Edward A. Lee University of California,
Architecture-driven Modeling and Analysis By David Garlan and Bradley Schmerl Presented by Charita Feldman.

Architecture-driven Modeling and Analysis By David Garlan and Bradley Schmerl Presented by Charita Feldman.
CS 290C: Formal Models for Web Software Lecture 10: Language Based Modeling and Analysis of Navigation Errors Instructor: Tevfik Bultan.

CS 290C: Formal Models for Web Software Lecture 10: Language Based Modeling and Analysis of Navigation Errors Instructor: Tevfik Bultan.
1 Ivan Lanese Computer Science Department University of Bologna Roberto Bruni Computer Science Department University of Pisa A mobile calculus with parametric.

1 Ivan Lanese Computer Science Department University of Bologna Roberto Bruni Computer Science Department University of Pisa A mobile calculus with parametric.
Review of “Embedded Software” by E.A. Lee Katherine Barrow Vladimir Jakobac.

Review of “Embedded Software” by E.A. Lee Katherine Barrow Vladimir Jakobac.
1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.
Unified Modeling (Part I) Overview of UML & Modeling

Unified Modeling (Part I) Overview of UML & Modeling
Design of Fault Tolerant Data Flow in Ptolemy II Mark McKelvin EE290 N, Fall 2004 Final Project.

Design of Fault Tolerant Data Flow in Ptolemy II Mark McKelvin EE290 N, Fall 2004 Final Project.
Software Engineering, COMP201 Slide 1 Protocol Engineering Protocol Specification using CFSM model Lecture 30.

Software Engineering, COMP201 Slide 1 Protocol Engineering Protocol Specification using CFSM model Lecture 30.
Models of Computation for Embedded System Design Alvise Bonivento.

Models of Computation for Embedded System Design Alvise Bonivento.
1 Ivan Lanese Computer Science Department University of Bologna Italy Concurrent and located synchronizations in π-calculus.

1 Ivan Lanese Computer Science Department University of Bologna Italy Concurrent and located synchronizations in π-calculus.
Mobile Access Control Adriana Compagnoni Stevens Institute of Technology Joint work with Elsa L Gunter (UI-UC) Rutgers, February 3, 2006.

Mobile Access Control Adriana Compagnoni Stevens Institute of Technology Joint work with Elsa L Gunter (UI-UC) Rutgers, February 3, 2006.
Demystifying Architectural Styles Nikunj Mehta 3/11/02Demystifying Architectural Styles2 Architectural Styles Characterize –Structure, i.e. external.

Demystifying Architectural Styles Nikunj Mehta 3/11/02Demystifying Architectural Styles2 Architectural Styles Characterize –Structure, i.e. external.
Mahapatra-A&M-Sprong'021 Co-design Finite State Machines Many slides of this lecture are borrowed from Margarida Jacome.

Mahapatra-A&M-Sprong'021 Co-design Finite State Machines Many slides of this lecture are borrowed from Margarida Jacome.

Similar presentations

Ads by Google