Title :
Verification of Information Flow and Access Control Policies with Dependent Types
Author :
Nanevski, Aleksandar ; Banerjee, Anindya ; Garg, Deepak
Author_Institution :
IMDEA Software Inst., Madrid, Spain
Abstract :
We present Relational Hoare Type Theory (RHTT), a novel language and verification system capable of expressing and verifying rich information flow and access control policies via dependent types. We show that a number of security policies which have been formalized separately in the literature can all be expressed in RHTT using only standard type-theoretic constructions such as monads, higher-order functions, abstract types, abstract predicates, and modules. Example security policies include conditional declassification, information erasure, and state-dependent information flow and access control. RHTT can reason about such policies in the presence of dynamic memory allocation, deallocation, pointer aliasing and arithmetic. The system, theorems and examples have all been formalized in Coq.
Keywords :
authorisation; formal verification; RHTT; Relational Hoare Type Theory; abstract predicates; abstract types; access control policies; deallocation; dependent types; dynamic memory allocation; higher order functions; information flow; information flow verification; language system; modules; pointer aliasing; pointer arithmetic; security policies; verification system; Access control; Context; Dynamic scheduling; Resource management; Semantics; Shape; Access Control; Information Flow; Type Theory;
Conference_Titel :
Security and Privacy (SP), 2011 IEEE Symposium on
Conference_Location :
Berkeley, CA
Print_ISBN :
978-1-4577-0147-4
Electronic_ISBN :
1081-6011
