CoSMed: A Confidentiality-Verified Social Media Platform

CoSMed: A Confidentiality-Verified Social Media Platform

This paper describes progress with our agenda of formal verification of information flow security for realistic systems. We present CoSMed, a social media platform with verified document confidentiality. The system’s kernel is implemented and verified in the proof assistant Isabelle/HOL. For verific...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of automated reasoning 2018-06, Vol.61 (1-4), p.113-139
Hauptverfasser: Bauereiß, Thomas, Pesenti Gritti, Armando, Popescu, Andrei, Raimondi, Franco
Format: Artikel
Sprache:eng
Schlagworte:
Accountability
Artificial Intelligence
Automation
Case studies
Computer Science
Conferencing systems
Confidentiality
Digital media
Friendship
Information flow
Mathematical Logic and Formal Languages
Mathematical Logic and Foundations
Security
Social networks
Symbolic and Algebraic Manipulation
Topology
Verification
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This paper describes progress with our agenda of formal verification of information flow security for realistic systems. We present CoSMed, a social media platform with verified document confidentiality. The system’s kernel is implemented and verified in the proof assistant Isabelle/HOL. For verification, we employ the framework of Bounded-Deducibility (BD) Security , previously introduced for the conference system CoCon. CoSMed is a second major case study in this framework. For CoSMed, the static topology of declassification bounds and triggers that characterized previous instances of BD Security has to give way to a dynamic integration of the triggers as part of the bounds. We also show that, from a theoretical viewpoint, the removal of triggers from the notion of BD Security does not restrict its expressiveness.
ISSN:0168-7433
1573-0670
DOI:10.1007/s10817-017-9443-3