DOI: 10.1145/1554339.1554342

ActionScript bytecode verification with co-logic programming

Published: 15 June 2009

Abstract

A prototype security policy verification system for ActionScript binaries is presented, whose implementation leverages recent advances in co-logic programming. Our experience with co-logic programming indicates that it is an extremely useful paradigm for elegantly expressing algorithms that lie at the heart of model-checking technologies. This results in an unusually small trusted computing base, making the verification system well-suited to frameworks like certifying in-lined reference monitoring systems, which require small, light-weight verifiers. Preliminary experiments and progress are discussed.

Published In

PLAS '09: Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
June 2009
130 pages
ISBN: 9781605586458
DOI: 10.1145/1554339
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. ActionScript
  2. coinductive logic programming
  3. in-lined reference monitoring
  4. model checking
  5. verification

Qualifiers

  • Research-article

Conference

PLDI '09

Acceptance Rates

PLAS '09 Paper Acceptance Rate 8 of 19 submissions, 42%;
Overall Acceptance Rate 43 of 77 submissions, 56%

Article Metrics

  • Downloads (Last 12 months): 10
  • Downloads (Last 6 weeks): 1

Reflects downloads up to 09 Nov 2024

Cited By


  • (2014) Extending Co-logic Programs for Branching-Time Model Checking. Logic-Based Program Synthesis and Transformation, 10.1007/978-3-319-14125-1_8, pp. 127-144. Online publication date: 11-Dec-2014
  • (2013) An Infrastructure for a Secure Cloud. Developing and Securing the Cloud, 10.1201/b15433-50, pp. 543-561. Online publication date: 10-Oct-2013
  • (2012) Types and Access Controls for Cross-Domain Security in Flash. Programming Languages and Systems, 10.1007/978-3-642-35182-2_7, pp. 82-97. Online publication date: 2012
  • (2012) Aspect-Oriented runtime monitor certification. Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems, 10.1007/978-3-642-28756-5_10, pp. 126-140. Online publication date: 24-Mar-2012
  • (2011) Flexible in-lined reference monitor certification. Proceedings of the 5th ACM workshop on Programming languages meets program verification, 10.1145/1929529.1929537, pp. 55-60. Online publication date: 29-Jan-2011
  • (2010) Security Issues for Cloud Computing. International Journal of Information Security and Privacy, 10.4018/jisp.2010040103, 4:2, pp. 36-48. Online publication date: 1-Apr-2010
  • (2010) ActionScript in-lined reference monitoring in prolog. Proceedings of the 12th international conference on Practical Aspects of Declarative Languages, 10.1007/978-3-642-11503-5_13, pp. 149-151. Online publication date: 18-Jan-2010
  • (2010) Model-checking in-lined reference monitors. Proceedings of the 11th international conference on Verification, Model Checking, and Abstract Interpretation, 10.1007/978-3-642-11319-2_23, pp. 312-327. Online publication date: 17-Jan-2010
