Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Physical Sciences and Mathematics
Towards Formally Verified Compilation Of Tag-Based Policy Enforcement, Chr Chhak, Andrew Tolmach, Sean Anderson
Towards Formally Verified Compilation Of Tag-Based Policy Enforcement, Chr Chhak, Andrew Tolmach, Sean Anderson
Computer Science Faculty Publications and Presentations
Hardware-assisted reference monitoring is receiving increasing attention as a way to improve the security of existing software. One example is the PIPE architecture extension, which attaches metadata tags to register and memory values and executes tag-based rules at each machine instruction to enforce a software-defined security policy. To use PIPE effectively, engineers should be able to write security policies in terms of source-level concepts like functions, local variables, and structured control operators, which are not visible at machine level. It is the job of the compiler to generate PIPE-aware machine code that enforces these source-level policies. The compiler thus becomes …