SaTC: CORE: Small: Formal End-to-End Verification of Information-Flow Security for Complex Systems
SaTC:核心:小型:复杂系统信息流安全的正式端到端验证
基本信息
- 批准号:1715154
- 负责人:
- 金额:$ 50万
- 依托单位:
- 依托单位国家:美国
- 项目类别:Standard Grant
- 财政年份:2017
- 资助国家:美国
- 起止时间:2017-08-01 至 2020-07-31
- 项目状态:已结题
- 来源:
- 关键词:
项目摘要
Protecting the confidentiality of information manipulated by a computing system is one of the most important challenges facing today's cybersecurity community. Many complex systems, such as operating systems, hypervisors, web browsers, and distributed systems, require a user to trust that private information is properly isolated from other users. Real-world systems are full of bugs, however, so this assumption of trust is not reasonable. The goal of this proposed research is to apply formal methods to complex security-sensitive systems, in such a way that we can guarantee to users that these systems really are trustworthy. Unfortunately, there are numerous prohibitive challenges standing in the way of achieving this goal. One challenge is how to specify the desired security policy of a complex system. In the real world, pure noninterference is too strong to be useful. It is crucial to support more lenient security policies that allow for certain well-specified information flows between users, such as explicit declassifications. A second challenge is that real-world systems are usually written in low-level languages like C and assembly, but these languages are traditionally difficult to reason about. A third challenge is how to actually go about conducting a security proof over low-level code and then link everything together into a system-wide guarantee.In this effort, the PI proposes to design and implement a new set of formal techniques and tools for overcoming all of these challenges. First, the PI will develop a new methodology for formally specifying, proving, and propagating information-flow security policies using a single unifying mechanism, called the "observation function." A policy is specified in terms of an expressive generalization of classical noninterference, proved using a general method that subsumes both security-label proofs and information-hiding proofs, and propagated across layers of abstraction using a special kind of simulation that is guaranteed to preserve security. Second, to demonstrate the effectiveness of the new methodology, the PI will build an actual end-to-end security proof, fully formalized and machine-checked in the Coq proof assistant, of a nontrivial concurrent operating system kernel. Third, the PI will also demonstrate the generality and extensibility of the methodology by extending the kernel with a virtualized time feature allowing user processes to time their own executions. The goal is to prove that user processes cannot exploit virtualized time as an information channel. The technology for building certified secure system software will dramatically improve the reliability and security of many key components in the world's critical infrastructure. It will advance human knowledge in the specification and understanding of software and catalyze a cultural change in U.S. universities by pushing new courses on formal methods into the existing cybersecurity curriculum.
保护被计算系统操纵的信息的机密性是当今网络安全界面临的最重要的挑战之一。许多复杂的系统,如操作系统、管理程序、Web浏览器和分布式系统,都要求用户信任私有信息与其他用户适当地隔离。然而,现实世界的系统充满了漏洞,因此这种信任假设是不合理的。这项研究的目标是将形式化方法应用于复杂的安全敏感系统,以此方式向用户保证这些系统确实是可信的。不幸的是,在实现这一目标的道路上存在许多令人望而却步的挑战。一个挑战是如何指定复杂系统所需的安全策略。在现实世界中,纯粹的不干涉太强了,没有用。支持更宽松的安全策略是至关重要的,这些策略允许用户之间的某些明确指定的信息流,例如显式解密。第二个挑战是,现实世界的系统通常是用低级语言(如C和汇编语言)编写的,但这些语言传统上很难推理。第三个挑战是如何真正着手对低级代码进行安全证明,然后将所有内容联系在一起形成系统范围的保证。在这一努力中,PI建议设计和实现一套新的正式技术和工具来克服所有这些挑战。首先,PI将开发一种新的方法,使用称为“观察功能”的单一统一机制来正式指定、证明和传播信息流安全策略。策略被指定为经典不干扰的表示概括,使用包含安全标签证明和信息隐藏证明的一般方法来证明,并使用确保保持安全性的特殊类型的模拟来跨抽象层传播。其次,为了证明新方法的有效性,PI将构建一个实际的端到端安全证明,该证明在CoQ证明助手中完全形式化和机器检查,对一个不平凡的并发操作系统内核进行验证。第三,PI还将通过使用允许用户进程对其执行进行计时的虚拟时间特性来扩展内核,从而展示该方法的通用性和可扩展性。其目标是证明用户进程不能将虚拟时间用作信息通道。构建经过认证的安全系统软件的技术将极大地提高世界关键基础设施中许多关键组件的可靠性和安全性。它将提高人类在软件规范和理解方面的知识,并通过将有关正式方法的新课程纳入现有的网络安全课程来催化美国大学的文化变革。
项目成果
期刊论文数量(14)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
CompCertELF: verified separate compilation of C programs into ELF object files
- DOI:10.1145/3428265
- 发表时间:2020-11
- 期刊:
- 影响因子:0
- 作者:Yuting Wang;Xiangzhe Xu;Pierre Wilke;Zhong Shao
- 通讯作者:Yuting Wang;Xiangzhe Xu;Pierre Wilke;Zhong Shao
Blinder: Partition-Oblivious Hierarchical Scheduling
Blinder:忽略分区的分层调度
- DOI:
- 发表时间:2021
- 期刊:
- 影响因子:0
- 作者:Yoon, Man-Ki;Liu, Mengqi;Chen, Hao;Kim, Jung-Eun;Shao, Zhong
- 通讯作者:Shao, Zhong
ADLP: Accountable Data Logging Protocol for Publish-Subscribe Communication Systems
- DOI:10.1109/icdcs.2019.00117
- 发表时间:2019-07
- 期刊:
- 影响因子:0
- 作者:Man-Ki Yoon;Zhong Shao
- 通讯作者:Man-Ki Yoon;Zhong Shao
Refinement-Based Game Semantics and Certified Abstraction Layers
基于细化的游戏语义和经过认证的抽象层
- DOI:
- 发表时间:2020
- 期刊:
- 影响因子:0
- 作者:Koenig, Jeremie;Shao, Zhong
- 通讯作者:Shao, Zhong
WormSpace: A Modular Foundation for Simple, Verifiable Distributed Systems
WormSpace:简单、可验证的分布式系统的模块化基础
- DOI:10.1145/3357223.3362739
- 发表时间:2019
- 期刊:
- 影响因子:0
- 作者:Shin, Ji-Yong;Kim, Jieung;Honoré, Wolf;Vanzetto, Hernán;Radhakrishnan, Srihari;Balakrishnan, Mahesh;Shao, Zhong
- 通讯作者:Shao, Zhong
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
Zhong Shao其他文献
Proceedings of the 36th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2009, Savannah, GA, USA, January 21-23, 2009
第 36 届 ACM SIGPLAN-SIGACT 编程语言原理研讨会论文集,POPL 2009,美国佐治亚州萨凡纳,2009 年 1 月 21-23 日
- DOI:
- 发表时间:
2009 - 期刊:
- 影响因子:0
- 作者:
Zhong Shao;B. Pierce - 通讯作者:
B. Pierce
Clean-Slate Development of Certified OS Kernels
- DOI:
10.1145/2676724.2693180 - 发表时间:
2015-01 - 期刊:
- 影响因子:0
- 作者:
Zhong Shao - 通讯作者:
Zhong Shao
TIL: a type-directed, optimizing compiler for ML
TIL:用于 ML 的类型导向优化编译器
- DOI:
10.1145/989393.989449 - 发表时间:
2004 - 期刊:
- 影响因子:0
- 作者:
Zhong Shao - 通讯作者:
Zhong Shao
Compiling standard ML for efficient execution on modern machines
- DOI:
- 发表时间:
1994-12 - 期刊:
- 影响因子:0
- 作者:
Zhong Shao - 通讯作者:
Zhong Shao
Reasoning about Optimistic Concurrency Using a Program Logic for History
使用历史程序逻辑推理乐观并发
- DOI:
- 发表时间:
2010 - 期刊:
- 影响因子:0
- 作者:
Ming Fu;Yong Li;Xinyu Feng;Zhong Shao;Yu Zhang - 通讯作者:
Yu Zhang
Zhong Shao的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('Zhong Shao', 18)}}的其他基金
SHF: Small: Compositional Certified Concurrent Abstraction Layers
SHF:小型:组合认证的并发抽象层
- 批准号:
2313433 - 财政年份:2023
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
PPoSS: Planning: High-Performance Certified Trust for Global-Scale Applications
PPoSS:规划:全球规模应用程序的高性能认证信任
- 批准号:
2118851 - 财政年份:2021
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
FMitF: Track I: ADVERT: Compositional Atomic Specifications for Distributed System Verification
FMITF:轨道 I:ADVERT:分布式系统验证的组合原子规范
- 批准号:
2019285 - 财政年份:2020
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
SHF: Medium: DeepSEA: A Language for Programming and Synthesizing Certified Software
SHF:媒介:DeepSEA:一种用于编程和综合认证软件的语言
- 批准号:
1763399 - 财政年份:2018
- 资助金额:
$ 50万 - 项目类别:
Continuing Grant
NeTS: Small: A Virtualized Network Resource Pool for Software-Defined Network Management
NeTS:小型:用于软件定义网络管理的虚拟化网络资源池
- 批准号:
1712674 - 财政年份:2016
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
AitF: The Fuzzy Log: A Unifying Abstraction for the Theory and Practice of Distributed Systems
AitF:模糊日志:分布式系统理论与实践的统一抽象
- 批准号:
1637385 - 财政年份:2016
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
Collaborative Research: Expeditions in Computing: The Science of Deep Specification
合作研究:计算探索:深度规范的科学
- 批准号:
1521523 - 财政年份:2015
- 资助金额:
$ 50万 - 项目类别:
Continuing Grant
SHF: Small: VeriQ: Formal Quantitative Software Verification in Realistic Application Scenarios
SHF:小型:VeriQ:现实应用场景中的形式化定量软件验证
- 批准号:
1319671 - 财政年份:2013
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
TC: Medium: Making OS Kernels Crash-Proof by Design and Certification
TC:中:通过设计和认证使操作系统内核防崩溃
- 批准号:
1065451 - 财政年份:2011
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
TC:Large:Collaborative Research:Combininig Foundational and Lightweight Formal Methods to Build Certifiably Dependable Software
TC:大型:协作研究:结合基础方法和轻量级形式方法来构建可证明可靠的软件
- 批准号:
0910670 - 财政年份:2009
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
相似国自然基金
胆固醇羟化酶CH25H非酶活依赖性促进乙型肝炎病毒蛋白Core及Pre-core降解的分子机制研究
- 批准号:82371765
- 批准年份:2023
- 资助金额:50 万元
- 项目类别:面上项目
锕系元素5f-in-core的GTH赝势和基组的开发
- 批准号:22303037
- 批准年份:2023
- 资助金额:30 万元
- 项目类别:青年科学基金项目
基于合成致死策略搭建Core-matched前药共组装体克服肿瘤耐药的机制研究
- 批准号:
- 批准年份:2022
- 资助金额:52 万元
- 项目类别:
鼠伤寒沙门氏菌LPS core经由CD209/SphK1促进树突状细胞迁移加重炎症性肠病的机制研究
- 批准号:
- 批准年份:2022
- 资助金额:30 万元
- 项目类别:青年科学基金项目
基于外泌体精准调控的“核-壳”(core-shell)同步血管化骨组织工程策略的应用与机制探讨
- 批准号:
- 批准年份:2020
- 资助金额:55 万元
- 项目类别:
肌营养不良蛋白聚糖Core M3型甘露糖肽的精确制备及功能探索
- 批准号:92053110
- 批准年份:2020
- 资助金额:70.0 万元
- 项目类别:重大研究计划
Core-1-O型聚糖黏蛋白缺陷诱导胃炎发生并介导慢性胃炎向胃癌转化的分子机制研究
- 批准号:81902805
- 批准年份:2019
- 资助金额:20.5 万元
- 项目类别:青年科学基金项目
原始地球增生晚期的Core-merging大碰撞事件:地核增生、核幔平衡与核幔边界结构的新认识
- 批准号:41973063
- 批准年份:2019
- 资助金额:65.0 万元
- 项目类别:面上项目
CORDEX-CORE区域气候模拟与预估研讨会
- 批准号:41981240365
- 批准年份:2019
- 资助金额:1.5 万元
- 项目类别:国际(地区)合作与交流项目
RBM38通过协助Pol-ε结合、招募core调控HBV复制
- 批准号:31900138
- 批准年份:2019
- 资助金额:24.0 万元
- 项目类别:青年科学基金项目
相似海外基金
SaTC: CORE: Small: An evaluation framework and methodology to streamline Hardware Performance Counters as the next-generation malware detection system
SaTC:核心:小型:简化硬件性能计数器作为下一代恶意软件检测系统的评估框架和方法
- 批准号:
2327427 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Continuing Grant
Collaborative Research: NSF-BSF: SaTC: CORE: Small: Detecting malware with machine learning models efficiently and reliably
协作研究:NSF-BSF:SaTC:核心:小型:利用机器学习模型高效可靠地检测恶意软件
- 批准号:
2338301 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Continuing Grant
Collaborative Research: NSF-BSF: SaTC: CORE: Small: Detecting malware with machine learning models efficiently and reliably
协作研究:NSF-BSF:SaTC:核心:小型:利用机器学习模型高效可靠地检测恶意软件
- 批准号:
2338302 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Continuing Grant
SaTC: CORE: Small: NSF-DST: Understanding Network Structure and Communication for Supporting Information Authenticity
SaTC:核心:小型:NSF-DST:了解支持信息真实性的网络结构和通信
- 批准号:
2343387 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
NSF-NSERC: SaTC: CORE: Small: Managing Risks of AI-generated Code in the Software Supply Chain
NSF-NSERC:SaTC:核心:小型:管理软件供应链中人工智能生成代码的风险
- 批准号:
2341206 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Small: Towards Secure and Trustworthy Tree Models
协作研究:SaTC:核心:小型:迈向安全可信的树模型
- 批准号:
2413046 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
SaTC: CORE: Small: Socio-Technical Approaches for Securing Cyber-Physical Systems from False Claim Attacks
SaTC:核心:小型:保护网络物理系统免受虚假声明攻击的社会技术方法
- 批准号:
2310470 - 财政年份:2023
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
SaTC: CORE: Small: Study, Detection and Containment of Influence Campaigns
SaTC:核心:小型:影响力活动的研究、检测和遏制
- 批准号:
2321649 - 财政年份:2023
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Small: Investigation of Naming Space Hijacking Threat and Its Defense
协作研究:SaTC:核心:小型:命名空间劫持威胁及其防御的调查
- 批准号:
2317830 - 财政年份:2023
- 资助金额:
$ 50万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Small: Towards a Privacy-Preserving Framework for Research on Private, Encrypted Social Networks
协作研究:SaTC:核心:小型:针对私有加密社交网络研究的隐私保护框架
- 批准号:
2318843 - 财政年份:2023
- 资助金额:
$ 50万 - 项目类别:
Continuing Grant