Open Access. Powered by Scholars. Published by Universities.®

Information Security Commons

Computer security

2018

Full-Text Articles in Information Security

When Good Components Go Bad: Formally Secure Compilation Despite Dynamic Compromise, Guglielmo Fachini, Cătălin Hriţcu, Marco Stronati, Arthur Azevedo De Amorim, Carmine Abate, Roberto Blanco, Théo Laurent, Benjamin C. Pierce, Andrew Tolmach, Feb 2018

Computer Science Faculty Publications and Presentations

We propose a new formal criterion for secure compilation, giving strong end-to-end security guarantees for software components written in unsafe, low-level languages with C-style undefined behavior. Our criterion is the first to model dynamic compromise in a system of mutually distrustful components running with least privilege. Each component is protected from all the others—in particular, from components that have encountered undefined behavior and become compromised. Each component receives secure compilation guarantees up to the point when it becomes compromised, after which an attacker can take complete control over the component and use any of its privileges to attack the remaining …