survey

Formal Approaches to Secure Compilation: A Survey of Fully Abstract Compilation and Related Work

Authors:

Marco Patrignani,

Dave ClarkeAuthors Info & Claims

ACM Computing Surveys (CSUR), Volume 51, Issue 6

Article No.: 125, Pages 1 - 36

https://doi.org/10.1145/3280984

Published: 04 February 2019 Publication History

Abstract

Secure compilation is a discipline aimed at developing compilers that preserve the security properties of the source programs they take as input in the target programs they produce as output. This discipline is broad in scope, targeting languages with a variety of features (including objects, higher-order functions, dynamic memory allocation, call/cc, concurrency) and employing a range of different techniques to ensure that source-level security is preserved at the target level. This article provides a survey of the existing literature on formal approaches to secure compilation with a focus on those that prove fully abstract compilation, which has been the criterion adopted by much of the literature thus far. This article then describes the formal techniques employed to prove secure compilation in existing work, introducing relevant terminology, and discussing the merits and limitations of each work. Finally, this article discusses open challenges and possible directions for future work in secure compilation.

Supplementary Material

a125-patrignani-apndx.pdf (patrignani.zip)

Supplemental movie, appendix, image and software files for, Formal Approaches to Secure Compilation: A Survey of Fully Abstract Compilation and Related Work

Download
335.34 KB

References

[1]

Martín Abadi. 1999. Protection in programming-language translations. In Secure Internet Programming. Springer, 19--34.

Digital Library

[2]

Martín Abadi, Anindya Banerjee, Nevin Heintze, and Jon G. Riecke. 1999. A core calculus of dependency. In Proceedings of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’99). ACM, 147--160.

Digital Library

[3]

Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti. 2005. A theory of secure control flow. In Proceedings of the 7th International Conference on Formal Methods and Software Engineering (ICFEM’05). Springer-Verlag, 111--124.

Digital Library

[4]

Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti. 2009. Control-flow integrity principles, implementations, and applications. ACM Trans. Inf. Syst. Secur. 13, 1, Article 4 (2009).

Digital Library

[5]

Martín Abadi, Cédric Fournet, and Georges Gonthier. 1999. Secure communications processing for distributed languages. In Proceedings of the IEEE Symposium on Security and Privacy. 74--88.

[6]

Martín Abadi, Cédric Fournet, and Georges Gonthier. 2000. Authentication primitives and their compilation. In Proceedings of the 27th Symposium on Principles of Programming Languages (POPL’00). ACM, 302--315.

Digital Library

[7]

Martín Abadi, Cédric Fournet, and Georges Gonthier. 2002. Secure implementation of channel abstractions. Info. Comput. 174 (2002), 37--83.

Digital Library

[8]

Martín Abadi and Gordon D. Plotkin. 2012. On protection by layout randomization. ACM Trans. Info. Syst. Secur. 15, Article 8 (July 2012).

Digital Library

[9]

Carmine Abate, Arthur Azevedo de Amorim, Roberto Blanco, Ana Nora Evans, Guglielmo Fachini, Cătălin Hriţcu, Théo Laurent, Benjamin C. Pierce, Marco Stronati, and Andrew Tolmach. 2018. When Good Components Go Bad: Formally Secure Compilation Despite Dynamic Compromise. arXiv:1802.00588. Retrieved from https://arxiv.org/abs/1802.00588.

[10]

Carmine Abate, Roberto Blanco, Deepak Garg, Cătălin Hriţcu, Marco Patrignani, and Jeremy Thibault. 2018. Exploring Robust Property Preservation for Secure Compilation. arXiv:1807.04603. Retrieved from https://arxiv.org/abs/1807.04603.

[11]

Samson Abramsky. 1990. The lazy lambda calculus. In Research Topics in Functional Programming, David A. Turner (Ed.). Addison-Wesley Longman Publishing Co., Inc., 65--116.

Digital Library

[12]

Pedro Adão and Cédric Fournet. 2006. Cryptographically sound implementations for communicating processes. In Proceedings of the International Colloquium on Automata, Languages and Programming (ICALP’06).

Digital Library

[13]

Pieter Agten, Raoul Strackx, Bart Jacobs, and Frank Piessens. 2012. Secure compilation to modern processors. In Proceedings of the IEEE Computer Security Foundations Symposium (CSF’12). IEEE, 171--185.

Digital Library

[14]

Amal Ahmed. 2006. Step-indexed syntactic logical relations for recursive and quantified types. In Proceedings of the European Symposium on Programming (ESOP’06). 69--83.

Digital Library

[15]

Amal Ahmed and Matthias Blume. 2008. Typed closure conversion preserves observational equivalence. In Proceedings of the 13th ACM SIGPLAN International Conference on Functional Programming (ICFP’08). ACM, 157--168.

Digital Library

[16]

Amal Ahmed and Matthias Blume. 2011. An equivalence-preserving CPS translation via multi-language semantics. In Proceedings of the 16th ACM SIGPLAN International Conference on Functional Programming (ICFP’11). ACM, 431--444.

Digital Library

[17]

Arthur Azevedo de Amorim, Nathan Collins, André DeHon, Delphine Demange, Cătălin Hriţcu, David Pichardie, Benjamin C. Pierce, Randy Pollack, and Andrew Tolmach. 2014. A verified information-flow architecture. SIGPLAN Not. 49 (Jan. 2014), 165--178.

Digital Library

[18]

Ioannis G. Baltopoulos and Andrew D. Gordon. 2009. Secure compilation of a multi-tier web language. In Proceedings of the 4th International Workshop on Types in Language Design and Implementation (TLDI’09). ACM, 27--38.

Digital Library

[19]

Gilles Barthe, Tamara Rezk, and Amitabh Basu. 2007. Security types preserving compilation. Comput. Lang. Syst. Struct. 33 (2007), 35--59.

Digital Library

[20]

Gilles Barthe, Tamara Rezk, Alejandro Russo, and Andrei Sabelfeld. 2010. Security of multithreaded programs by compilation. ACM Trans. Info. Syst. Secur. 13, Article 21 (2010).

Digital Library

[21]

Nick Benton and Chung-Kil Hur. 2009. Biorthogonality, step-indexing and compiler correctness. SIGPLAN Not. 44 (Aug. 2009), 97--108.

Digital Library

[22]

Nick Benton and Chung-kil Hur. 2010. Realizability and Compositional Compiler Correctness for a Polymorphic Language. Technical Report. MSR.

[23]

William J. Bowman and Amal Ahmed. 2015. Noninterference for free. In Proceedings of the ACM SIGPLAN International Conference on Functional Programming (ICFP’15). 13.

Digital Library

[24]

Michele Bugliesi and Marco Giunti. 2007. Secure implementations of typed channel abstractions. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’07).

Digital Library

[25]

Nicholas P. Carter, Stephen W. Keckler, and William J. Dally. 1994. Hardware support for fast capability-based addressing. SIGPLAN Not. 29 (1994), 319--327.

Digital Library

[26]

Giuseppe Castagna, Mariangiola Dezani-Ciancaglini, Elena Giachino, and Luca Padovani. 2009. Foundations of session types. In International ACM SIGPLAN Conference on Principles and Practice of Declarative Programming (PPDP’09).

Digital Library

[27]

Juan Chen, Ravi Chugh, and Nikhil Swamy. 2010. Type-preserving compilation of end-to-end verification of security enforcement. In Proceedings of the Programming Language Design and Implementation Conference (PLDI’10). ACM, 412--423.

Digital Library

[28]

Andrey Chudnov and David A. Naumann. 2015. Inlined information flow monitoring for javascript. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’15).

Digital Library

[29]

Michael R. Clarkson and Fred B. Schneider. 2010. Hyperproperties. J. Comput. Secur. 18, 6 (Sept. 2010), 1157--1210.

Digital Library

[30]

Ricardo Corin, Pierre-Malo Deniélou, Cédric Fournet, Karthikeyan Bhargavan, and James Leifer. 2008. A secure compiler for session abstractions. J. Comput. Secur. 16 (2008), 573--636.

Digital Library

[31]

Pierre-Louis Curien. 2007. Definability and full abstraction. Electron. Notes Theor. Comput. Sci. 172 (2007), 301--310.

Digital Library

[32]

Jack B. Dennis and Earl C. Van Horn. 1966. Programming semantics for multiprogrammed computations. Commun. ACM 9 (Mar. 1966), 143--155.

Digital Library

[33]

Dominique Devriese, Marco Patrignani, Steven Keuchel, and Frank Piessens. 2017. Modular, fully-abstract compilation by approximate back-translation. Logical Methods in Computer Science, Vol. 13, Issue 4 (Oct. 2017).

[34]

Dominique Devriese, Marco Patrignani, and Frank Piessens. 2016. Secure compilation by approximate back-translation. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’16).

[35]

Dominique Devriese, Marco Patrignani, and Frank Piessens. 2018. Parametricity versus the universal type. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’18).

Digital Library

[36]

Udit Dhawan, Catalin Hritcu, Raphael Rubin, Nikos Vasilakis, Silviu Chiricescu, Jonathan M. Smith, Thomas F. Knight, Jr., Benjamin C. Pierce, and Andre DeHon. 2015. Architectural support for software-defined metadata processing. In Proceedings of the International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS’15).

Digital Library

[37]

Udit Dhawan, Nikos Vasilakis, Raphael Rubin, Silviu Chiricescu, Jonathan M. Smith, Thomas F. Knight, Jr., Benjamin C. Pierce, and André DeHon. 2014. PUMP: A programmable unit for metadata processing. In Proceedings of the Hardware and Architectural Support for Security and Privacy Conference (HASP’14). 8:1--8:8.

Digital Library

[38]

D. Dolev and A. C. Yao. 1981. On the security of public key protocols. In Proceedings of the Annual IEEE Symposium on Foundations of Computer Science (SFCS’81). IEEE Computer Society, 350--357.

Digital Library

[39]

Vijay D’silva, Daniel Kroening, and Georg Weissenbacher. 2008. A survey of automated techniques for formal software verification. IEEE Trans. Comput.-aided Design Integr. Circ. Syst. 27 (2008).

Digital Library

[40]

Dominic Duggan. 2004. Type-based cryptographic operations. J. Comput. Secur. 12 (May 2004), 485--550.

Digital Library

[41]

Úlfar Erlingsson. 2004. The Inlined Reference Monitor Approach to Security Policy Enforcement. Ph.D. Dissertation. Advisor(s) Schneider, Fred B. AAI3114521.

[42]

Úlfar Erlingsson and Fred B. Schneider{n.d.}. SASI enforcement of security policies: A retrospective. In Proceedings of the New Security Paradigms Workshop (NSPW’99).

Digital Library

[43]

Úlfar Erlingsson and Fred B. Schneider. 2000. IRM enforcement of java stack inspection. In Proceedings of the IEEE Symposium on Security and Privacy (IEEE S&P’’’00). 246--255.

Digital Library

[44]

Guglielmo Fachini, Cătălin Hriţcu, Marco Stronati, Ana Nora Evans, Theo Laurent, Arthur Azevedo de Amorim, Benjamin C. Pierce, and Andrew Tolmach. 2018. Formally secure compilation of unsafe low-level components. In Proceedings of the Workshop on Principles of Secure Compilation (PRISC’18).

[45]

Cédric Fournet and Georges Gonthier. 1996. The reflexive CHAM and the join-calculus. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’96). 372--385.

Digital Library

[46]

Cedric Fournet, Andrew Gordon, and Sergio Maffeis. 2007. A type discipline for authorization in distributed systems. In Proceedings of the 20th IEEE Computer Security Foundations Symposium (CSF’07). IEEE Computer Society, 31--48.

Digital Library

[47]

Cédric Fournet, Gurvan Le Guernic, and Tamara Rezk. 2009. A security-preserving compiler for distributed programs: From information-flow policies to cryptographic mechanisms. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’09).

Digital Library

[48]

Cédric Fournet and Tamara Rezk. {n.d.}. Cryptographically sound implementations for typed information-flow security. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’08).

Digital Library

[49]

Cedric Fournet, Nikhil Swamy, Juan Chen, Pierre-Evariste Dagand, Pierre-Yves Strub, and Benjamin Livshits. {n. d.}. Fully abstract compilation to javascript. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’13).

Digital Library

[50]

D. Garg, C. Hritcu, M. Patrignani, M. Stronati, and D. Swasey. 2017. Robust hyperproperty preservation for secure compilation (extended abstract). ArXiv e-prints (Oct. 2017). arxiv:cs.CR/1710.07309.

[51]

Dan R Ghica and Zaid Al-Zobaidi. 2012. Coherent minimisation: Towards efficient tamper-proof compilation. In Proceedings of the 5th Interaction and Concurrency Experience Workshop (ICE’12). 16.

[52]

Dan R. Ghica and Nikos Tzevelekos. 2012. A system-level game semantics. Electr. Notes Theo. Comp. Sci. 286 (2012).

Digital Library

[53]

Ian Goldberg, David Wagner, Randi Thomas, and Eric A. Brewer. 1996. A secure environment for untrusted helper applications confining the wily hacker. In Proceedings of the 6th Conference on USENIX Security Symposium.

Digital Library

[54]

Andrew D. Gordon and Alan Jeffrey. 2002. Authenticity by typing for security protocols. J. Comput. Secur. 11, 4 (2002).

Digital Library

[55]

Daniele Gorla and Uwe Nestman. 2016. Full abstraction for expressiveness: History, myths and facts. Math. Struct. Comput. Sci. 26, 4 (2016), 639--654.

[56]

Chung-Kil Hur and Derek Dreyer. 2011. A Kripke logical relation between ML and assembly. SIGPLAN Not. 46 (2011).

Digital Library

[57]

Radha Jagadeesan, Corin Pitcher, Julian Rathke, and James Riely. 2011. Local memory via layout randomization. In Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium (CSF’11). IEEE Computer Society, 161--174.

Digital Library

[58]

Alan Jeffrey and Julian Rathke. {n.d.}. Java Jr.: Fully abstract trace semantics for a core Java language. In Proceedings of the European Symposium on Programming (ESOP’05).

Digital Library

[59]

Einar Broch Johnsen, Reiner Hähnle, Jan Schäfer, Rudolf Schlatte, and Martin Steffen. 2011. ABS: A core language for abstract behavioral specification. In Proceedings of the International Symposium on Formal Methods for Components and Objects (FMCO’10). 142--164.

Digital Library

[60]

Yannis Juglaret, Cătălin Hriţcu, Arthur Azevedo de Amorim, and Benjamin C. Pierce. 2016. Beyond good and evil: Formalizing the security guarantees of compartmentalizing compilation. In Proceedings of the IEEE Computer Security Foundations Symposium (CSF’16).

[61]

Yannis Juglaret, Catalin Hritcu, Arthur Azevedo de Amorim, Benjamin C. Pierce, Antal Spector-Zabusky, and Andrew Tolmach. 2015. Towards a fully abstract compiler using micro-policies: Secure compilation for mutually distrustful components. CoRR abs/1510.00697 (2015). Retrieved from http://arxiv.org/abs/1510.00697.

[62]

Jeehoon Kang, Yoonseung Kim, Chung-Kil Hur, Derek Dreyer, and Viktor Vafeiadis. 2016. Lightweight verification of separate compilation. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’16). 178--190.

Digital Library

[63]

Andrew Kennedy. 2006. Securing the .NET programming model. Theoret. Comput. Sci. 364 (2006), 311--317.

Digital Library

[64]

Ramana Kumar, Magnus O. Myreen, Michael Norrish, and Scott Owens. 2014. CakeML: A verified implementation of ML. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’14). 179--192.

Digital Library

[65]

Volodymyr Kuznetsov, László Szekeres, Mathias Payer, George Candea, R. Sekar, and Dawn Song. 2014. Code-pointer integrity. In Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI’14). USENIX Association, 147--163.

Digital Library

[66]

Adriaan Larmuseau and Dave Clarke. 2015. Formalizing a secure foreign function interface. In Proceedings of the Conference on Software Engineering and Formal Methods (SEFM’15) (LNCS).

[67]

Adriaan Larmuseau, Marco Patrignani, and Dave Clarke. 2014. Operational semantics for secure interoperation. In Proceedings of the Programming Languages and Analysis for Security Conference (PLAS’14). ACM.

Digital Library

[68]

Adriaan Larmuseau, Marco Patrignani, and Dave Clarke. 2016. Implementing a secure abstract machine. In Proceedings of the ACM Symposium on Applied Computing (SAC’16).

Digital Library

[69]

Peeter Laud. 2012. Secure implementation of asynchronous method calls and futures. In Trusted Systems, Chris J. Mitchell and Allan Tomlinson (Eds.). LNCS, Vol. 7711. Springer, Berlin, 25--47.

[70]

Christopher League, Zhong Shao, and Valery Trifonov. 2002. Type-preserving compilation of featherweight java. ACM Trans. Program. Lang. Syst. 24 (2002), 112--152.

Digital Library

[71]

Xavier Leroy. 2006. Formal certification of a compiler back-end or: Programming a compiler with a proof assistant. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’06). 42--54.

Digital Library

[72]

Xavier Leroy. 2009. A formally verified compiler back-end. J. Autom. Reason. 43, 4 (2009), 363--446.

Digital Library

[73]

Andreas Lochbihler. 2010. Verifying a compiler for java threads. In Proceedings of the European Symposium on Programming (ESOP’10). Springer-Verlag, 427--447.

Digital Library

[74]

Jacob Matthews and Amal Ahmed. 2008. Parametric polymorphism through run-time sealing or, theorems for low, low prices&excl;. In Proceedings of the European Symposium on Programming (ESOP’08/ETAPS’08). Springer-Verlag, 16--31.

Digital Library

[75]

Jacob Matthews and Robert Bruce Findler. 2009. Operational semantics for multi-language programs. ACM Trans. Program. Lang. Syst. 31, Article 12 (Apr. 2009).

Digital Library

[76]

Jonathan M. McCune, Yanlin Li, Ning Qu, Zongwei Zhou, Anupam Datta, Virgil Gligor, and Adrian Perrig. 2010. TrustVisor: Efficient TCB reduction and attestation. In Proceedings of the IEEE Security and Privacy Workshops (SP’10). IEEE, 143--158.

Digital Library

[77]

Jonathan M. McCune, Bryan J. Parno, Adrian Perrig, Michael K. Reiter, and Hiroshi Isozaki. 2008. Flicker: An execution infrastructure for TCB minimization. SIGOPS Oper. Syst. Rev. 42, Article 24 (Apr. 2008).

Digital Library

[78]

Frank McKeen, Ilya Alexandrovich, Alex Berenzon, Carlos V. Rozas, Hisham Shafi, Vedvyas Shanbhogue, and Uday R. Savagaonkar. 2013. Innovative instructions and software model for isolated execution. In Proceedings of the Hardware and Architectural Support for Security and Privacy Conference (HASP’13).

Digital Library

[79]

Ricardo Medel, Adriana B. Compagnoni, and Eduardo Bonelli. 2005. A typed assembly language for non-interference. In Proceedings of the Italian Conference on Theoretical Computer Science (ICTCS’05). 360--374.

Digital Library

[80]

Robin Milner. 1977. Fully abstract models of typed calculi. Theoret. Comput. Sci. 4, 1 (1977), 1--22.

[81]

Robin Milner. 1999. Communicating and Mobile Systems—The Pi-calculus. Cambridge University Press.

Digital Library

[82]

John C. Mitchell. 1993. On abstraction and the expressive power of programming languages. Sci. Comput. Program. 21, 2 (1993), 141--163.

Digital Library

[83]

Eugenio Moggi. 1989. Computational lambda-calculus and monads. In Proceedings of the ACM/IEEE Symposium on Logic in Computer Science (LICS’89). IEEE Press, 14--23.

Digital Library

[84]

Greg Morrisett, David Walker, Karl Crary, and Neal Glew. 1999. From system F to typed assembly language. ACM Trans. Program. Lang. Syst. 21 (1999), 527--568.

Digital Library

[85]

Magnus O. Myreen. 2010. Verified just-in-time compiler on x86. SIGPLAN Not. 45 (Jan. 2010), 107--118.

Digital Library

[86]

George C. Necula. 1997. Proof-carrying code. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’97). ACM, 106--119.

Digital Library

[87]

Georg Neis, Chung-Kil Hur, Jan-Oliver Kaiser, Craig McLaughlin, Derek Dreyer, and Viktor Vafeiadis. 2015. Pilsner: A compositionally verified compiler for a higher-order imperative language. In Proceedings of the 16th ACM SIGPLAN International Conference on Functional Programming (ICFP’15). ACM, 166--178.

Digital Library

[88]

Max S. New, William J. Bowman, and Amal Ahmed. 2016. Fully abstract compilation via universal embedding. In Proceedings of the 21st ACM SIGPLAN International Conference on Functional Programming (ICFP’16). ACM.

Digital Library

[89]

Job Noorman, Pieter Agten, Wilfried Daniels, Raoul Strackx, Anthony Van Herrewege, Christophe Huygens, Bart Preneel, Ingrid Verbauwhede, and Frank Piessens. 2013. Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In Proceedings of the 22nd USENIX Conference on Security Symposium.

Digital Library

[90]

Joachim Parrow. 2008. Expressiveness of process algebras. Electr. Notes Theo. Comput. Sci. 209 (2008), 173--186.

Digital Library

[91]

Joachim Parrow. 2014. General conditions for full abstraction. Math. Struct. Comput. Sci. (2014).

[92]

Marco Patrignani, Pieter Agten, Raoul Strackx, Bart Jacobs, Dave Clarke, and Frank Piessens. 2015. Secure compilation to protected module architectures. ACM Trans. Program. Lang. Syst. 37, Article 6 (Apr. 2015).

Digital Library

[93]

Marco Patrignani and Dave Clarke. 2015. Fully abstract trace semantics for protected module architectures. Comput. Lang. Syst. Struct. 42, 0 (2015), 22--45.

[94]

Marco Patrignani, Dave Clarke, and Frank Piessens. 2013. Secure compilation of object-oriented components to protected module architectures. In Proceedings of the Asian Symposium on Programming Languages and Systems (APLAS’13). 176--191.

Digital Library

[95]

Marco Patrignani, Dominique Devriese, and Frank Piessens. 2016. On modular and fully abstract compilation. In Proceedings of the 29th IEEE Computer Security Foundations Symposium (CSF’16).

[96]

Marco Patrignani and Deepak Garg. 2017. Secure compilation as hyperproperty preservation. In Proceedings of the IEEE Computer Security Foundations Symposium (CSF’17).

[97]

Marco Patrignani and Deepak Garg. 2018. Robustly safe compilation or, efficient, provably secure compilation. CoRR abs/1804.00489 (2018). arxiv:1804.00489. Retrieved from http://arxiv.org/abs/1804.00489.

[98]

Daniel Patterson and Amal Ahmed. 2018. On compositional compiler correctness and fully abstract compilation. In Proceedings of the Workshop on Principles of Secure Compilation (PRISC’18).

[99]

James T. Perconti and Amal Ahmed. 2014. Verifying an open compiler using multi-language semantics. In Proceedings of the European Symposium on Programming (ESOP’14) (Lecture Notes in Computer Science), Vol. 8410. 128--148.

Digital Library

[100]

Benjamin Pierce. 2002. Types and Programming Languages. MIT Press.

Digital Library

[101]

Benjamin Pierce and Eijiro Sumii. 2000. Relating Cryptography and Polymorphism. CiteSeer.

[102]

Frank Piessens, Dominique Devriese, Jan Tobias Muhlberg, and Raoul Strackx. 2016. Security guarantees for the execution infrastructure of software applications. In Proceedings of the IEEE Cybersecurity Development Conference (SecDev’16).

[103]

Gordon D. Plotkin. 1977. LCF considered as a programming language. Theoret. Comput. Sci. 5 (1977), 223--255.

[104]

Jon G. Riecke. 1991. Fully abstract translations between functional languages. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’91).

Digital Library

[105]

Eike Ritter and Andrew M. Pitts. 1995. A fully abstract translation between a lambda-calculus with reference types and standard ML. In Proceedings of the Typed Lambda Calculi and Applications Conference (TLCA’95). Springer-Verlag, 397--413.

Digital Library

[106]

Davide Sangiorgi. 2012. Introduction to Bisimulation and Coinduction. Cambridge University Press.

[107]

Davide Sangiorgi and David Walker. 2001. The Pi-Calculus—A Theory of Mobile Processes. Cambridge University Press.

Digital Library

[108]

Fred B. Schneider. 2000. Enforceable security policies. ACM TISSEC 3, 1 (2000), 30--50.

Digital Library

[109]

Jaroslav Sevcik, Viktor Vafeiadis, Francesco Zappa Nardelli, Suresh Jagannathan, and Peter Sewell. 2011. Relaxed-memory concurrency and verified compilation. SIGPLAN Not. 46 (Jan. 2011), 43--54.

Digital Library

[110]

Naokata Shikuma and Atsushi Igarashi. 2007. Proving noninterference by a fully complete translation to the simply typed λ-calculus. In Advances in Computer Science (ASIAN’06). Vol. 4435. 301--315.

Digital Library

[111]

Jeremy G. Siek and Walid Taha. 2007. Gradual typing for objects. In Proceedings of the European Conference on Object-Oriented Programming (ECOOP’07). 2--27.

Digital Library

[112]

Rohit Sinha, Manuel Costa, Akash Lal, Nuno P. Lopes, Sriram Rajamani, Sanjit A. Seshia, and Kapil Vaswani. 2016. A design and verification methodology for secure isolated regions. SIGPLAN Not. 51, 6 (June 2016), 665--681.

Digital Library

[113]

Gordon Stewart, Lennart Beringer, Santiago Cuellar, and Andrew W. Appel. 2015. Compositional compcert. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’15). ACM, 275--287.

Digital Library

[114]

Raoul Strackx and Frank Piessens. 2012. Fides: Selectively hardening software application components against kernel-level or process-level malware. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’12). ACM, 2--13.

Digital Library

[115]

Eijiro Sumii and Benjamin C. Pierce. 2004. A bisimulation for dynamic sealing. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’04). 161--172.

Digital Library

[116]

Nikhil Swamy, Juan Chen, Cédric Fournet, Pierre-Yves Strub, Karthikeyan Bhargavan, and Jean Yang. 2011. Secure distributed programming with value-dependent types. In Proceedings of the 16th ACM SIGPLAN International Conference on Functional Programming (ICFP’11). ACM, 266--278.

Digital Library

[117]

Nikhil Swamy, Cedric Fournet, Aseem Rastogi, Karthikeyan Bhargavan, Juan Chen, Pierre-Yves Strub, and Gavin Bierman. 2014. Gradual typing embedded securely in javascript. SIGPLAN Not. 49, 1 (Jan. 2014), 425--437.

Digital Library

[118]

D. Tarditi, G. Morrisett, P. Cheng, C. Stone, R. Harper, and P. Lee. 1996. TIL: A type-directed optimizing compiler for ML. 181--192. https://www.cs.cmu.edu/&sim;rwh/papers/til/tr.pdf.

Digital Library

[119]

Stelios Tsampas, Akram El-Korashy, Marco Patrignani, Dominique Devriese, Deepak Garg, and Frank Piessens. 2017. Towards automatic compartmentalization of C programs on capability machines. In Proceedings of the International Conference on Foundations of Computer Science (FCS’17).

[120]

Stephen Tse and Steve Zdancewic. 2004. Translating dependency into parametricity. SIGPLAN Not. 39 (2004), 115--125.

Digital Library

[121]

Stephen Tse and Steve Zdancewic. 2007. Run-time principals in information-flow type systems. ACM Trans. Program. Lang. Syst. 30, Article 6 (Nov. 2007).

Digital Library

[122]

Dennis Volpano, Cynthia Irvine, and Geoffrey Smith. 1996. A sound type system for secure flow analysis. J. Comput. Secur. 4 (1996), 167--187. Issue 2-3.

Digital Library

[123]

Robert Wahbe, Steven Lucco, Thomas E. Anderson, and Susan L. Graham. 1993. Efficient software-based fault isolation. SIGOPS Oper. Syst. Rev. 27, 5 (Dec. 1993), 203--216.

Digital Library

[124]

David Walker. 2000. A type system for expressive security policies. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL’00).

Digital Library

[125]

Mitchell Wand. 1998. The theory of fexprs is trivial. Lisp Symbol. Comput. 10 (1998), 189--199.

Digital Library

[126]

Xiaoyun Wang and Hongbo Yu. 2005. How to break MD5 and other hash functions. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’05). 19--35.

Digital Library

[127]

Robert N. M. Watson, Jonathan Anderson, Ben Laurie, and Kris Kennaway. 2010. Capsicum: Practical capabilities for UNIX. In Proceedings of the USENIX Security Symposium. USENIX Association, 29--46.

Digital Library

[128]

Jonathan Woodruff, Robert N. M. Watson, David Chisnall, Simon W. Moore, Jonathan Anderson, Brooks Davis, Ben Laurie, Peter G. Neumann, Robert Norton, and Michael Roe. 2014. The CHERI capability model: Revisiting RISC in an age of risk. In Proceedings of the International Symposium on Computer Architecture (ISCA’14). 457--468.

Digital Library

[129]

Dachuan Yu and Nayeem Islam. 2006. A typed assembly language for confidentiality. In Proceedings of the European Symposium on Programming (ESOP’06).

Digital Library

[130]

Stephan A. Zdancewic. 2002. Programming Languages for Information Security. Ph.D. Dissertation. Cornell University.

Digital Library

[131]

Bin Zeng, Gang Tan, and Greg Morrisett. 2011. Combining control-flow integrity and static analysis for efficient and validated data sandboxing. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’11). ACM, 29--40.

Digital Library

[132]

Jianzhou Zhao, Qi Zhang, and Steve Zdancewic. 2010. Relational parametricity for a polymorphic linear lambda calculus. In Proceedings of the Asian Symposium on Programming Languages and Systems (APLAS’10). 344--359.

Digital Library

Cited By

Accattoli BLancelot AManzonetto GVanoni G(2025)Interaction EquivalenceProceedings of the ACM on Programming Languages10.1145/37048919:POPL(1627-1656)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704891
Patrignani MKünnemann RWahby RCecchetti E(2024)Universal Composability Is Robust CompilationACM Transactions on Programming Languages and Systems10.1145/369823446:4(1-64)Online publication date: 31-Dec-2024
https://dl.acm.org/doi/10.1145/3698234
Thibault JBlanco RLee DArgo SAzevedo de Amorim AGeorges AHriţcu CTolmach ALuo BLiao XXu JKirda ELie D(2024)SECOMP: Formally Secure Compilation of Compartmentalized C ProgramsProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670288(1061-1075)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670288
Show More Cited By

Index Terms

Formal Approaches to Secure Compilation: A Survey of Fully Abstract Compilation and Related Work

Recommendations

Robustly Safe Compilation, an Efficient Form of Secure Compilation

Security-preserving compilers generate compiled code that withstands target-level attacks such as alteration of control flow, data leaks, or memory corruption. Many existing security-preserving compilers are proven to be fully abstract, meaning that they ...
Secure Compilation to Protected Module Architectures

A fully abstract compiler prevents security features of the source language from being bypassed by an attacker operating at the target language level. Unfortunately, developing fully abstract compilers is very complex, and it is even more so when the ...
Fully abstract compilation via universal embedding
ICFP 2016: Proceedings of the 21st ACM SIGPLAN International Conference on Functional Programming

A fully abstract compiler guarantees that two source components are observationally equivalent in the source language if and only if their translations are observationally equivalent in the target. Full abstraction implies the translation is secure: ...

Comments

Information & Contributors

Information

Published In

cover image ACM Computing Surveys

ACM Computing Surveys Volume 51, Issue 6

November 2019

786 pages

ISSN:0360-0300

EISSN:1557-7341

DOI:10.1145/3303862

Editor:
Sartaj Sahni
Department of Computer and Information Science and Engineering

Issue’s Table of Contents

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 February 2019

Accepted: 01 September 2018

Revised: 01 July 2018

Received: 01 February 2018

Published in CSUR Volume 51, Issue 6

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Survey
Research
Refereed

Funding Sources

Bundesministerium für Bildung und Forschung

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

40
Total Citations
View Citations
1,048
Total Downloads

Downloads (Last 12 months)98
Downloads (Last 6 weeks)14

Reflects downloads up to 15 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Accattoli BLancelot AManzonetto GVanoni G(2025)Interaction EquivalenceProceedings of the ACM on Programming Languages10.1145/37048919:POPL(1627-1656)Online publication date: 9-Jan-2025
https://dl.acm.org/doi/10.1145/3704891
Patrignani MKünnemann RWahby RCecchetti E(2024)Universal Composability Is Robust CompilationACM Transactions on Programming Languages and Systems10.1145/369823446:4(1-64)Online publication date: 31-Dec-2024
https://dl.acm.org/doi/10.1145/3698234
Thibault JBlanco RLee DArgo SAzevedo de Amorim AGeorges AHriţcu CTolmach ALuo BLiao XXu JKirda ELie D(2024)SECOMP: Formally Secure Compilation of Compartmentalized C ProgramsProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670288(1061-1075)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670288
Andrici CCiobâcă ȘHriţcu CMartínez GRivas ETanter ÉWinterhalter T(2024)Securing Verified IO Programs Against Unverified Code in F*Proceedings of the ACM on Programming Languages10.1145/36329168:POPL(2226-2259)Online publication date: 5-Jan-2024
https://doi.org/10.1145/3632916
Bartoletti MMarchesin RZunino R(2024)Secure compilation of rich smart contracts on poor UTXO blockchains2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP60621.2024.00021(235-267)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSP60621.2024.00021
Busi MFocardi RLuccio F(2024)Bridging the Gap: Automated Analysis of Sancus2024 IEEE 37th Computer Security Foundations Symposium (CSF)10.1109/CSF61375.2024.00023(233-248)Online publication date: 8-Jul-2024
https://doi.org/10.1109/CSF61375.2024.00023
Xu JLu KDu ZDing ZLi LWu QPayer MMao BCalandrino JTroncoso C(2023)Silent bugs matterProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620442(3655-3672)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620442
Richter DKretzler DWeisenburger PSalvaneschi GFaust SMezini M(2023) Prisma : A Tierless Language for Enforcing Contract-client Protocols in Decentralized ApplicationsACM Transactions on Programming Languages and Systems10.1145/360462945:3(1-41)Online publication date: 23-Sep-2023
https://dl.acm.org/doi/10.1145/3604629
Huang YYallop J(2023)Defunctionalization with Dependent TypesProceedings of the ACM on Programming Languages10.1145/35912417:PLDI(516-538)Online publication date: 6-Jun-2023
https://dl.acm.org/doi/10.1145/3591241
Xu JBartolomeo LToffalini FMao BPayer M(2023)WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetches2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179433(1271-1288)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179433
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Issue’s Table of Contents