Reasoning about Object Capabilities with Logical Relations and Effect Parametricity

@article{Devriese2016ReasoningAO,
  title={Reasoning about Object Capabilities with Logical Relations and Effect Parametricity},
  author={Dominique Devriese and Lars Birkedal and Frank Piessens},
  journal={2016 IEEE European Symposium on Security and Privacy (EuroS\&P)},
  year={2016},
  pages={147-162}
}
Object capabilities are a technique for fine-grained privilege separation in programming languages and systems, with important applications in security. However, current formal characterisations do not fully capture capability-safety of a programming language and are not sufficient for verifying typical applications. Using state-of-the-art techniques from programming languages research, we define a logical relation for a core calculus of JavaScript that better characterises capability-safety…

Citations

Publications citing this paper.

Reasoning about a Capability Machine with Local Capabilities

Beyond Good and Evil: Formalizing the Security Guarantees of Compartmentalizing Compilation
  • 2016 IEEE 29th Computer Security Foundations Symposium (CSF)
  • 2016

When Good Components Go Bad: Formally Secure Compilation Despite Dynamic Compromise
  • ACM Conference on Computer and Communications Security
  • 2018
