Static Enforcement of Security in Runtime Systems

Research output: Contribution to book/anthology/report/proceedingArticle in proceedingsResearchpeer-review

Documents

  • Zee

    Accepted manuscript, 1 MB, PDF document

DOI

Underneath every modern programming language is a runtime environment (RTE) that handles features such as automatic memory management and thread scheduling. In the information-flow control (IFC) literature, the RTE is often part of the trusted computing base (TCB), and there has been little focus on applying IFC to the implementation of the RTE itself. In this paper we address this problem by designing an IFC language, Zee, for implementing secure RTEs, thereby removing the RTE from the TCB. We implement Zee and design and implement secure versions of garbage collectors and thread schedulers using Zee. We also prove that a faithful calculus of Zee satisfies a strong variant of timing-sensitive noninterference.

Original languageEnglish
Title of host publicationProceedings - 2019 IEEE 32nd Computer Security Foundations Symposium, CSF 2019
Number of pages16
PublisherIEEE
Publication year2019
Pages335-350
Article number8823712
ISBN (Electronic)9781728114064
DOIs
Publication statusPublished - 2019
Event2019 IEEE 32nd Computer Security Foundations Symposium (CSF) - Hoboken, United States
Duration: 25 Jun 201928 Jun 2019
Conference number: 32

Conference

Conference2019 IEEE 32nd Computer Security Foundations Symposium (CSF)
Nummer32
LandUnited States
ByHoboken
Periode25/06/201928/06/2019

    Research areas

  • Information flow control

See relations at Aarhus University Citationformats

Activities

Download statistics

No data available

ID: 160409870