Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 3 of 3
Full-Text Articles in Physical Sciences and Mathematics
Liboblivious: A C++ Library For Oblivious Data Structures And Algorithms, Scott D. Constable, Steve Chapin
Liboblivious: A C++ Library For Oblivious Data Structures And Algorithms, Scott D. Constable, Steve Chapin
Electrical Engineering and Computer Science - Technical Reports
Infrastructure as a service (IaaS) is an enormously beneficial model for centralized data computation and storage. Yet, existing network-layer and hardware-layer security protections do not address a broad category of vulnerabilities known as side-channel attacks. Over the past several years, numerous techniques have been proposed at all layers of the software/hardware stack to prevent the inadvertent leakage of sensitive data. This report discusses a new technique which integrates seamlessly with C++ programs. We introduce a library, libOblivious, which provides thin wrappers around existing C++ standard template library classes, endowing them with the property of memory-trace obliviousness.
Formal Verification Of A Modern Boot Loader, Scott D. Constable, Rob Sutton, Arash Sahebolamri, Steve Chapin
Formal Verification Of A Modern Boot Loader, Scott D. Constable, Rob Sutton, Arash Sahebolamri, Steve Chapin
Electrical Engineering and Computer Science - Technical Reports
We introduce the Syracuse Assured Boot Loader Executive (SABLE), a trustworthy secure loader. A trusted boot loader performs a cryptographic measurement (hash) of program code and executes it unconditionally, allowing later-stage software to verify the integrity of the system through local or remote attestation. A secure loader differs from a trusted loader in that it executes subsequent code only if measurements of that code match known-good values. We have applied a rigorous formal verification technique recently demonstrated in practice by NICTA in their verification of the seL4 microkernel. We summarize our design philosophy from a high level and present our …
A Formally Verified Heap Allocator, Arash Sahebolamri, Scott D. Constable, Steve J. Chapin
A Formally Verified Heap Allocator, Arash Sahebolamri, Scott D. Constable, Steve J. Chapin
Electrical Engineering and Computer Science - Technical Reports
We present the formal verification of a heap allocator written in C. We use the Isabelle/HOL proof assistant to formally verify the correctness of the heap allocator at the source code level. The C source code of the heap allocator is imported into Isabelle/HOL using CParser and AutoCorres. In addition to providing the guarantee that the heap allocator is free of bugs and therefore is suitable for use in security critical projects, our work facilitates verification of other projects written in C that utilize Isabelle and AutoCorres.