Secure self-certified COTS

Author

Debbabi, M. ; Giasson, E. ; Ktari, B. ; Michaud, F. ; Tawbi, N.

Author_Institution

LSFM Res. Group, Laval Univ., Que., Canada

fYear

2000

fDate

2000

Firstpage

183

Lastpage

188

Abstract

With the advent and the rising popularity of networks, Internet, intranets and distributed systems, security is becoming one of the major concerns in IT research. An increasing number of approaches have been proposed to ensure the safety and security of programs. Among those approaches, certified code seems to be the most promising. Unfortunately, as of today, most of the research on certified code have focused on simple type safety and memory safety, rather than security issues. We therefore propose to extend this approach to the security aspects of a program. Our intention is to use such an approach as an efficient and realistic solution to the problem of malicious code detection in COTS. In this paper, we present our progress in defining and implementing a certifying compiler that produces a secure self-certified code that can be used to ensure both safety and security of the code

Keywords

program compilers; security of data; COTS; certified code; certifying compiler; malicious code detection; memory safety; secure self-certified code; security; type safety; Assembly; Computer science; Computer security; Contracts; Costs; IP networks; Information security; Maintenance; Safety; Technology planning;

fLanguage

English

Publisher

ieee

Conference_Titel

Enabling Technologies: Infrastructure for Collaborative Enterprises, 2000. (WET ICE 2000). Proeedings. IEEE 9th International Workshops on

Conference_Location

Gaithersburg, MD

ISSN

1080-1383

Print_ISBN

0-7695-0798-0

Type

conf

DOI

10.1109/ENABL.2000.883726

Filename

883726