Project deliverable Open Access

Formal Specification of a Generic Separation Kernel

Verbeek, Freek; Schmaltz, Julien; Tverdyshev, Sergey; Havle, Oto; Blasum, Holger; Langenstein, Bruno; Stephan, Werner; Feliachi, Abderrahmane; Nemouchi, Yakoub; Wolff, Burkhart

We introduce a theory of intransitive non-interference for separation kernels with control. We show that it can be instantiated for a simple API consisting of IPC and events.
