Introduction
Approaches
Applications
Specialized Logic
Logic for Computer Security
Jack Yao
HKUST
rainoftime@gmail.com
December 20, 2015
Jack Yao Logic4Sec

Overview
1 Introduction
2 Approaches
Model checking
Inductive Proof
Type theory
SAT and SMT
3 Applications
Security Protocols
OS Security
Software Model Checking
4 Specialized Logic
Modal Logic and its variants
Linear Logic
Bunched logic
Others

Areas of Application
Computer Security
Multilevel Operating Systems
Access Control Policies
Network Security
Public-Key Infrastructure and Trust Management
Cryptographic Authentication Protocols
Other areas: databases, firewalls, routers, intrusion detection

Contribution of Logic
Undecidability or complexity results
Safety problem for discretionary access control
Cryptographic protocol analysis
Theorem proving environments
Verifying correctness of formal OS specifications
Inductive proofs of cryptographic protocols
Logic programming
Prolog programs for cryptographic protocol analysis, etc.
Model checking
Cryptographic protocol analysis
More and more work on software model checking
Specialized logics
Linear logic, separation logic, affine logic, etc.

Roles of Logic
Model theory
Study semantics
What does the assertion language mean?
Proof theory
Formally proving security properties
Automatic or interactive?
Recursion (computability) theory
Is it possible to verify something?
If yes, what's the price?
Specialized logic

Proof Systems
Goal: formally prove properties
Axioms
Formulas predefined in a given logic,
or simple formulas proved by hand and used as axioms
Inference rules
Proof steps
Theorem
Formula obtained from axioms by application of inference rules
Techniques
Hilbert-Frege style (e.g. Hoare logic originally used this)
Gentzen's natural deduction and sequent calculi
Nested sequent, labeled sequent, display calculi, etc.

Other tools for modeling and proving
Tree automata, graph automata, ...
Graph-based IR and program analysis
Pushdown systems (PDS), WSTS (e.g. Petri nets)
Term rewriting systems
Algebra and calculi (CSP, CCS, pi-calculus, ...)
...

Model checking
Developed independently by Clarke and Emerson and by Queille and Sifakis in the early 80s
Originally, temporal logic model checking (specifications are written in propositional temporal logic)
The verification procedure is an intelligent exhaustive search of the state space of the design

Advantages and Disadvantages
Advantages:
No proofs! (algorithmic rather than deductive)
Diagnostic counterexamples
Allows partial specification
Flow- and path-sensitive, but fast (compared to theorem proving)
Disadvantages:
State explosion!
Developments: symbolic MC, bounded MC (usually with a SAT solver), CEGAR, ...

Model checking tools
State-space search for reachability of insecure states
History: back to 1984, the Interrogator program in Prolog
General-purpose model checkers
Search automatically, given initial conditions and bounds
Roscoe and Lowe, FDR (model checker for CSP), 1995
Clarke et al., SMV, 1998

Software model checking
Tools for verifying source code combine many techniques
Program analysis techniques such as slicing, range analysis
Abstraction: e.g. abstract interpretation
Model checking, SAT and SMT solving, ...
Refinement from counterexamples (CEGAR)
New challenges for MC (beyond finite-state reachability analysis)
Recursion gives pushdown control: pushdown systems, higher-order MC, ...
Pointers, dynamic objects, inheritance, ...
A very active and emerging area
Abstraction-based tools: SLAM, BLAST
Direct state encoding: CBMC, CheckFence

Inductive Proofs
Application of general-purpose specification and verification tools
Influential examples:
L. Paulson, "The inductive approach to verifying cryptographic protocols", J. Comp. Sec. 98 (used Isabelle)
L. Beringer et al., "Verified Correctness and Security of OpenSSL HMAC", USENIX Sec. 15
Tools: Coq, Isabelle, PVS, Automath, Agda, ...

Types and security
We want to check the specification against the code; types can be the specification.
A type system is
Part of nearly all mainstream languages
Usually flow-insensitive, thus efficient
Related to proof theory (for some functional languages and theorem provers)
Curry-Howard isomorphism: propositions as types, and proving as type checking
Essentially, a typing derivation is a natural deduction style proof.

Substructural types
Borrow ideas from substructural logics
Affine logic, linear logic, relevant logic, ...
Key insight:
Restrict the use of resources: number of uses, ordering, etc.
Examples:
Linear type systems
Affine types, Turner et al.
Hoare types, David Walker and G. Morrisett

Flow-sensitive types
Extending standard type systems with flow-sensitive type qualifiers.
Used to "encode" flow information
J. Foster, Flow-Sensitive Type Qualifiers, PLDI 02
S. Hunt, On Flow-Sensitive Security Types, POPL 06
...
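The difference between flow-insensitive and flow-sensitive security typing, as an added example that is not part of the slides: a checker for a tiny imperative language with labels L (public) and H (secret), in the style of Volpano and Smith (labels fixed per variable) and of Hunt and Sands (a variable's label may change at each assignment). The language, the three programs and the H/L policy below are constructed for this example.

```python
"""Security type checking of a tiny imperative language (added example, not
from the slides). Variables carry labels L (public) or H (secret); the
flow-insensitive checker keeps labels fixed, the flow-sensitive checker lets
a variable's label change at each assignment, in the spirit of Hunt and
Sands' flow-sensitive security types. The language, the programs and the
policy below are all constructed for this example."""

# Statements: ("assign", x, expr) | ("seq", [stmts]) | ("if", cond, s1, s2) | ("while", cond, body)
# Expressions: int literal | variable name (str) | (op, e1, e2)


def join(a, b):
    """Least upper bound of two labels in the two-point lattice L < H."""
    return "H" if "H" in (a, b) else "L"


def expr_label(expr, env):
    """Label of an expression: join of the labels of the variables it reads."""
    if isinstance(expr, int):
        return "L"
    if isinstance(expr, str):
        return env[expr]
    _, left, right = expr
    return join(expr_label(left, env), expr_label(right, env))


def check_insensitive(stmt, env, pc="L"):
    """Volpano-Smith style check: labels in env are fixed. pc is the label of the
    enclosing guards (blocks implicit flows). Returns True iff stmt is well typed."""
    kind = stmt[0]
    if kind == "assign":
        _, x, e = stmt
        # x := e is allowed only if nothing H flows into an L variable
        return not (join(pc, expr_label(e, env)) == "H" and env[x] == "L")
    if kind == "seq":
        return all(check_insensitive(s, env, pc) for s in stmt[1])
    pc2 = join(pc, expr_label(stmt[1], env))  # "if" / "while": the guard raises pc
    return all(check_insensitive(s, env, pc2) for s in stmt[2:])


def check_sensitive(stmt, env, pc="L"):
    """Hunt-Sands style: returns the label environment after stmt. Assignments
    relabel the target; branches are joined; loops iterate to a fixpoint."""
    kind = stmt[0]
    if kind == "assign":
        _, x, e = stmt
        return {**env, x: join(pc, expr_label(e, env))}
    if kind == "seq":
        for s in stmt[1]:
            env = check_sensitive(s, env, pc)
        return env
    if kind == "if":
        pc2 = join(pc, expr_label(stmt[1], env))
        then_env = check_sensitive(stmt[2], env, pc2)
        else_env = check_sensitive(stmt[3], env, pc2)
        return {x: join(then_env[x], else_env[x]) for x in env}
    # while: the body may run any number of times, so iterate until stable
    while True:
        pc2 = join(pc, expr_label(stmt[1], env))
        after = check_sensitive(stmt[2], env, pc2)
        widened = {x: join(env[x], after[x]) for x in env}
        if widened == env:
            return env
        env = widened


def secure_sensitive(stmt, policy, public_outputs):
    """Accept stmt iff, starting from the declared labels, every public output
    variable is still L when the program ends."""
    final = check_sensitive(stmt, dict(policy))
    return all(final[x] == "L" for x in public_outputs)


# Constructed programs. POLICY declares secret as H, everything else as L.
POLICY = {"secret": "H", "public": "L", "tmp": "L"}
# tmp := secret; tmp := 0; public := tmp   -- secure, but rejected if tmp is fixed at L
LAUNDER = ("seq", [("assign", "tmp", "secret"),
                   ("assign", "tmp", 0),
                   ("assign", "public", "tmp")])
# if secret then public := 1 else public := 0   -- implicit flow, insecure
IMPLICIT = ("if", "secret", ("assign", "public", 1), ("assign", "public", 0))
# while secret > 0: secret := secret - 1; public := public + 1   -- leaks via the loop pc
COUNTDOWN = ("while", (">", "secret", 0),
             ("seq", [("assign", "secret", ("-", "secret", 1)),
                      ("assign", "public", ("+", "public", 1))]))

if __name__ == "__main__":
    for name, prog in (("LAUNDER", LAUNDER), ("IMPLICIT", IMPLICIT), ("COUNTDOWN", COUNTDOWN)):
        print(name, "insensitive:", check_insensitive(prog, POLICY),
              "sensitive:", secure_sensitive(prog, POLICY, {"public"}))
```

LAUNDER is the case the flow-sensitive system gains: the temporary is H only between its two assignments, so the fixed-label checker rejects a program that leaks nothing, while both checkers reject the implicit flows in IMPLICIT and COUNTDOWN.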

Dependent types
Foundation for many theorem provers, and integrated into general programming languages
Theorem proving: Coq, Agda, F*, ...
General programming languages: lightweight support in Haskell, full support in Idris, ...
Some variants:
Refinement types: studied intensively in recent years, and usually implemented with an SMT solver.

The Story of SAT
Propositional satisfiability: given a formula over Boolean variables, is there an assignment of 0s and 1s to the variables which makes the formula true?
Canonical NP-hard problem (Cook 1971)
Enormous progress in tools that can solve instances with 1000s of variables and millions of clauses
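How a SAT solver becomes the bounded model checker named on the Model checking slides, as an added example that is not part of the original deck: a toy login/privilege state machine (constructed here, with a deliberately buggy logout that keeps the privilege bit) is unrolled into CNF, a small DPLL solver searches for a reachable insecure state, and the satisfying assignment is decoded into a diagnostic counterexample. The machine, its variable numbering and the `fixed` flag are all assumptions of this example.

```python
"""Bounded model checking (BMC) with a tiny DPLL SAT solver: added example,
not from the slides. A toy login/privilege state machine is unrolled k steps
into CNF, the solver looks for a state with 'priv' but not 'auth', and the
satisfying assignment is decoded into a diagnostic counterexample trace. The
machine, its deliberately buggy 'logout' and the variable numbering are all
constructed for this example."""
from itertools import combinations


def dpll(clauses, assignment=None):
    """Return a satisfying assignment {var_id: bool} or None if unsatisfiable.
    Clauses are lists of non-zero ints, DIMACS style (negative = negated)."""
    assignment = dict(assignment or {})
    while True:                                   # unit propagation to a fixpoint
        unit, remaining = None, []
        for clause in clauses:
            free, satisfied = [], False
            for lit in clause:
                value = assignment.get(abs(lit))
                if value is None:
                    free.append(lit)
                elif value == (lit > 0):
                    satisfied = True
                    break
            if satisfied:
                continue
            if not free:
                return None                       # empty clause: conflict
            if len(free) == 1:
                unit = free[0]
            remaining.append(free)
        clauses = remaining
        if not clauses:
            return assignment                     # every clause satisfied
        if unit is None:
            break
        assignment[abs(unit)] = unit > 0
    pick = abs(clauses[0][0])                     # branch on a free variable
    for value in (True, False):
        model = dpll(clauses, {**assignment, pick: value})
        if model is not None:
            return model
    return None


# Per time step: two state bits and three one-hot action bits.
STATE_VARS = ("auth", "priv")
ACTIONS = ("login", "elevate", "logout")
NAMES = STATE_VARS + ACTIONS


def var(name, step):
    """Map (name, time step) to a positive DIMACS variable id."""
    return step * len(NAMES) + NAMES.index(name) + 1


def transition_clauses(k, fixed=False):
    """CNF for one step k -> k+1. Unless fixed, logout forgets to drop priv."""
    auth, priv = var("auth", k), var("priv", k)
    auth1, priv1 = var("auth", k + 1), var("priv", k + 1)
    login, elevate, logout = (var(a, k) for a in ACTIONS)

    def keeps(act, x, x1):                        # frame condition: x' <-> x under act
        return [[-act, -x, x1], [-act, x, -x1]]

    cls = [[login, elevate, logout]]              # at least one action per step
    cls += [[-a, -b] for a, b in combinations((login, elevate, logout), 2)]
    # login: guard not auth; effect auth' = 1; priv unchanged
    cls += [[-login, -auth], [-login, auth1]] + keeps(login, priv, priv1)
    # elevate: guard auth; effect priv' = 1; auth unchanged
    cls += [[-elevate, auth], [-elevate, priv1]] + keeps(elevate, auth, auth1)
    # logout: guard auth; effect auth' = 0; priv' = 0 only in the fixed version
    cls += [[-logout, auth], [-logout, -auth1]]
    cls += [[-logout, -priv1]] if fixed else keeps(logout, priv, priv1)
    return cls


def bmc(max_bound, fixed=False):
    """Search for a trace of at most max_bound steps reaching priv and not auth.
    Returns the action sequence, or None if no such trace exists up to the
    bound (BMC proves absence only up to that depth, as the slides note)."""
    clauses = [[-var("auth", 0)], [-var("priv", 0)]]   # start logged out, unprivileged
    for k in range(max_bound + 1):
        violation = [[var("priv", k)], [-var("auth", k)]]
        model = dpll(clauses + violation)
        if model is not None:
            return [a for i in range(k) for a in ACTIONS if model.get(var(a, i))]
        clauses += transition_clauses(k, fixed)
    return None


if __name__ == "__main__":
    print("buggy machine, bound 5:", bmc(5))            # ['login', 'elevate', 'logout']
    print("fixed machine, bound 8:", bmc(8, fixed=True))  # None
```

`bmc(5)` returns `['login', 'elevate', 'logout']`, the shortest trace to a privileged-but-unauthenticated state; with the corrected logout no trace exists up to bound 8, which is evidence only up to that depth, not a proof for all depths.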

Security Protocols
Applications
Military communications, business communications, electronic commerce, privacy
Examples
Kerberos: MIT protocol for single sign-on to network services
SSL (Secure Socket Layer, used in Web browsers)
IPSec: standard suite of Internet protocols due to the IETF
SET (Secure Electronic Transaction) protocol
PGP (Pretty Good Privacy)
Verification of security protocols has been and still is a very active research area

Solutions to undecidability
Abstraction
Tree automata (TA4SP)
Horn clauses (ProVerif)
User help
Logics (BAN, PCL, ...)
Even interactive proving
Decidable subclasses

File systems
File systems are complex and have bugs
Research on finding bugs:
Crash injection (e.g. EXPLODE, OSDI 06)
Symbolic execution (e.g. EXE, Oakland 06)
...
Elimination of bugs by proving:
BilbyFS, Keller 14
UBIFS, Ernst et al. 13
FSCQ (with Hoare Crash Logic), SOSP 15

Software model checking
Active area of research
Examples of tools:
Bandera [Dwyer]: Java to SPIN/SMV/* using user-guided abstraction mapping and slicing/abstract interpretation
SLAM [Tom Ball]: C to "Boolean programs", automatic abstraction refinement using predicate abstraction
JavaPathFinder: Java model checking using a special JVM and model checker, ...
SAGE: random testing.
Challenges:
Language features: function pointers, higher-order functions, ...
Scalability: modular, incremental, parallel?

Two main approaches in software MC
Systematic software testing
Idea: control the execution of concurrent processes by intercepting system calls related to communication, and automatically drive the entire system through many scenarios
Flexible and scalable approach (code independent)
Counterexamples arise from code execution (sound)
Provides complete state-space coverage up to some depth only (incomplete)
Static analysis for automatic model extraction
Idea: parse code to generate an abstract model which is then analyzed by a model checker; abstraction may/must be guided by the user
Coverage can be exhaustive (can be complete)
Abstraction may cause spurious counterexamples (unsound)

Software MC and logic
Key insight:
Let A be an abstract domain for static analysis. The elements of A act both as computational values and as logic assertions!
Data flow analysis, predicate abstraction, and CEGAR-based model checking all exploit this coincidence!
Unify different approaches: deductive proving, SAT/SMT, abstract interpretation, model checking, ...
Symbolic abstract interpretation, Thakur and Reps
Abstract interpretation as automatic deduction (working on it)

Temporal Logic
Recall the model checking section.

Belief Logics: BAN Logic
The BAN (Burrows, Abadi, and Needham) logic
Modal logic of belief plus specialized predicates and inference rules
Protocol messages are idealized into logical statements

Linear Logic
J.-Y. Girard, "Linear logic", Theoretical Comp. Sci., 1987
Used to model state-transition systems; inspired other logics
Great impact on the logic (proof theory) and CS (verification) communities
Applications to security
Model checking with the linear-logic symbolic search tool LLF, LICS 96
A Linear Logic for Authorization and Knowledge, ESORICS 06
...

Bunched logic
By O'Hearn and Pym; has many variants (BI, CBI, BBI, etc.)
Bunched logics extend classical or intuitionistic logic with various "linear" or multiplicative connectives (borrowed from linear logic)
Formulas can be understood as sets of "worlds" (often "resources") in an underlying model
Boolean BI (BBI) is the foundation of Separation Logic!

Affine Logic

Region Logic

The End

References
Jonathan Millen
Rajeev Alur
Bruno Blanchet
Jack Yao Logic4Sec

Contenu connexe

Similaire à Logic for security

Comparative Analysis of Encryption Algorithm
Comparative Analysis of Encryption AlgorithmComparative Analysis of Encryption Algorithm
Comparative Analysis of Encryption AlgorithmKhubaib Ahmad Kunjahi
 
Comparative analysis of algorithms
Comparative analysis of algorithmsComparative analysis of algorithms
Comparative analysis of algorithmsYisal Khan
 
Sumo Logic Cert Jam - Security & Compliance
Sumo Logic Cert Jam - Security & ComplianceSumo Logic Cert Jam - Security & Compliance
Sumo Logic Cert Jam - Security & ComplianceSumo Logic
 
Paranoid's View of Token Engineering
Paranoid's View of Token Engineering Paranoid's View of Token Engineering
Paranoid's View of Token Engineering Token Engineering
 
1.Architecture
1.Architecture1.Architecture
1.Architecturephanleson
 
Course overview Cybersecurity and its applications
Course overview Cybersecurity and its applicationsCourse overview Cybersecurity and its applications
Course overview Cybersecurity and its applicationsSanket Shikhar
 
Automated Validation of Internet Security Protocols and Applications (AVISPA)
Automated Validation of Internet Security Protocols and Applications (AVISPA) Automated Validation of Internet Security Protocols and Applications (AVISPA)
Automated Validation of Internet Security Protocols and Applications (AVISPA) Krassen Deltchev
 
NNUG Certification Presentation
NNUG Certification PresentationNNUG Certification Presentation
NNUG Certification PresentationNiall Merrigan
 
4.Security Assessment And Testing
4.Security Assessment And Testing4.Security Assessment And Testing
4.Security Assessment And Testingphanleson
 
Applications of Machine Learning and Metaheuristic Search to Security Testing
Applications of Machine Learning and Metaheuristic Search to Security TestingApplications of Machine Learning and Metaheuristic Search to Security Testing
Applications of Machine Learning and Metaheuristic Search to Security TestingLionel Briand
 
Cybersecurity Challenges with Generative AI - for Good and Bad
Cybersecurity Challenges with Generative AI - for Good and BadCybersecurity Challenges with Generative AI - for Good and Bad
Cybersecurity Challenges with Generative AI - for Good and BadIvo Andreev
 
Debugging With Id
Debugging With IdDebugging With Id
Debugging With Idguest215c4e
 
Randomness evaluation framework of cryptographic algorithms
Randomness evaluation framework of cryptographic algorithmsRandomness evaluation framework of cryptographic algorithms
Randomness evaluation framework of cryptographic algorithmsijcisjournal
 
OORPT Dynamic Analysis
OORPT Dynamic AnalysisOORPT Dynamic Analysis
OORPT Dynamic Analysislienhard
 
ADVANCED PENETRATION TESTING.pdf
ADVANCED PENETRATION TESTING.pdfADVANCED PENETRATION TESTING.pdf
ADVANCED PENETRATION TESTING.pdfCert Hippo
 
Test versus security @ IEEE Concept
Test versus security @ IEEE ConceptTest versus security @ IEEE Concept
Test versus security @ IEEE Conceptkodela3
 
Mocking vtcc3 - en
Mocking   vtcc3 - enMocking   vtcc3 - en
Mocking vtcc3 - envgrondin
 
Database Firewall from Scratch
Database Firewall from ScratchDatabase Firewall from Scratch
Database Firewall from ScratchDenis Kolegov
 
Secure Proactive Recovery- a Hardware Based Mission Assurance Scheme
Secure Proactive Recovery- a Hardware Based Mission Assurance SchemeSecure Proactive Recovery- a Hardware Based Mission Assurance Scheme
Secure Proactive Recovery- a Hardware Based Mission Assurance SchemeRuchika Mehresh
 

Similaire à Logic for security (20)

Comparative Analysis of Encryption Algorithm
Comparative Analysis of Encryption AlgorithmComparative Analysis of Encryption Algorithm
Comparative Analysis of Encryption Algorithm
 
Comparative analysis of algorithms
Comparative analysis of algorithmsComparative analysis of algorithms
Comparative analysis of algorithms
 
Sumo Logic Cert Jam - Security & Compliance
Sumo Logic Cert Jam - Security & ComplianceSumo Logic Cert Jam - Security & Compliance
Sumo Logic Cert Jam - Security & Compliance
 
Paranoid's View of Token Engineering
Paranoid's View of Token Engineering Paranoid's View of Token Engineering
Paranoid's View of Token Engineering
 
1.Architecture
1.Architecture1.Architecture
1.Architecture
 
Course overview Cybersecurity and its applications
Course overview Cybersecurity and its applicationsCourse overview Cybersecurity and its applications
Course overview Cybersecurity and its applications
 
Automated Validation of Internet Security Protocols and Applications (AVISPA)
Automated Validation of Internet Security Protocols and Applications (AVISPA) Automated Validation of Internet Security Protocols and Applications (AVISPA)
Automated Validation of Internet Security Protocols and Applications (AVISPA)
 
NNUG Certification Presentation
NNUG Certification PresentationNNUG Certification Presentation
NNUG Certification Presentation
 
4.Security Assessment And Testing
4.Security Assessment And Testing4.Security Assessment And Testing
4.Security Assessment And Testing
 
Applications of Machine Learning and Metaheuristic Search to Security Testing
Applications of Machine Learning and Metaheuristic Search to Security TestingApplications of Machine Learning and Metaheuristic Search to Security Testing
Applications of Machine Learning and Metaheuristic Search to Security Testing
 
Cybersecurity Challenges with Generative AI - for Good and Bad
Cybersecurity Challenges with Generative AI - for Good and BadCybersecurity Challenges with Generative AI - for Good and Bad
Cybersecurity Challenges with Generative AI - for Good and Bad
 
Debugging With Id
Debugging With IdDebugging With Id
Debugging With Id
 
Randomness evaluation framework of cryptographic algorithms
Randomness evaluation framework of cryptographic algorithmsRandomness evaluation framework of cryptographic algorithms
Randomness evaluation framework of cryptographic algorithms
 
Application Security
Application SecurityApplication Security
Application Security
 
OORPT Dynamic Analysis
OORPT Dynamic AnalysisOORPT Dynamic Analysis
OORPT Dynamic Analysis
 
ADVANCED PENETRATION TESTING.pdf
ADVANCED PENETRATION TESTING.pdfADVANCED PENETRATION TESTING.pdf
ADVANCED PENETRATION TESTING.pdf
 
Test versus security @ IEEE Concept
Test versus security @ IEEE ConceptTest versus security @ IEEE Concept
Test versus security @ IEEE Concept
 
Mocking vtcc3 - en
Mocking   vtcc3 - enMocking   vtcc3 - en
Mocking vtcc3 - en
 
Database Firewall from Scratch
Database Firewall from ScratchDatabase Firewall from Scratch
Database Firewall from Scratch
 
Secure Proactive Recovery- a Hardware Based Mission Assurance Scheme
Secure Proactive Recovery- a Hardware Based Mission Assurance SchemeSecure Proactive Recovery- a Hardware Based Mission Assurance Scheme
Secure Proactive Recovery- a Hardware Based Mission Assurance Scheme
 

Dernier

Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...roncy bisnoi
 
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTINGMANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTINGSIVASHANKAR N
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxfenichawla
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdfKamal Acharya
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Call Girls in Nagpur High Profile
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...ranjana rawat
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM.        DIMENSIONAL ANALYSISUNIT-III FMM.        DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSISrknatarajan
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)simmis5
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 

Dernier (20)

Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTINGMANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
MANUFACTURING PROCESS-II UNIT-1 THEORY OF METAL CUTTING
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsRussian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
Russian Call Girls in Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
UNIT-III FMM. DIMENSIONAL ANALYSIS
UNIT-III FMM.        DIMENSIONAL ANALYSISUNIT-III FMM.        DIMENSIONAL ANALYSIS
UNIT-III FMM. DIMENSIONAL ANALYSIS
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 

Logic for security

  • 6. Proof Systems
    - Goal: formally prove properties
    - Axioms: formulas predefined in the logic, or simple formulas proved by hand and then used as axioms
    - Inference rules: the proof steps
    - Theorem: a formula obtained from the axioms by applying inference rules
    - Techniques: Hilbert-Frege style (e.g. Hoare logic was originally presented this way); Gentzen's natural deduction and sequent calculi; nested sequent, labelled sequent and display calculi, etc.
  • 7. Other tools for modeling and proving
    - Tree automata, graph automata, ...
    - Graph-based IRs and program analysis
    - Pushdown systems (PDS), well-structured transition systems (WSTS, e.g. Petri nets)
    - Term rewriting systems
    - Process algebras and calculi (CSP, CCS, pi-calculus, ...)
  • 8. Model checking
    - Developed independently by Clarke and Emerson and by Queille and Sifakis in the early 1980s
    - Originally temporal-logic model checking: specifications are written in propositional temporal logic
    - The verification procedure is an intelligent exhaustive search of the state space of the design
  • 9. Advantages and disadvantages
    - Advantages: no proofs (algorithmic rather than deductive); diagnostic counterexamples; partial specifications are allowed; flow- and path-sensitive, yet fast compared to theorem proving
    - Disadvantage: state explosion
    - Developments that address it: symbolic model checking, bounded model checking (usually with a SAT solver), CEGAR, ...
  • 10. Model checking tools
    - State-space search for reachability of insecure states
    - History: back to 1984, the Interrogator program written in Prolog
    - General-purpose model checkers search automatically, given initial conditions and bounds
    - Roscoe and Lowe, FDR (model checker for CSP), 1995
    - Clarke et al., SMV, 1998
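The "reachability of insecure states" idea on this slide, as an added example that is not part of the original deck: an explicit-state search over a small HRU-style access-control model. The model (subjects alice, bob and mallory, one object secret, the rights own and read, and the two commands grant_read and delegate) is constructed for the illustration; the breadth-first search records each state's predecessor so it can print the diagnostic counterexample that slide 9 mentions, and the second run shows the same search proving a tightened policy safe.

```python
from collections import deque

# Constructed example model (not from the deck): three subjects, one object,
# rights "own" and "read".  A state is the set of (subject, object, right)
# triples currently held, i.e. the access matrix.
SUBJECTS = ("alice", "bob", "mallory")
INITIAL = {("alice", "secret", "own")}

# alice's own policy: she only ever grants read access to these subjects.
TRUSTED = {"alice": ("bob",)}


def successors(state, allow_redelegation):
    """Yield (command label, next state) for every command enabled in `state`."""
    for subj, obj, right in sorted(state):          # sorted: deterministic search order
        if right == "own":
            # grant_read: an owner grants read to a subject it trusts
            for target in TRUSTED.get(subj, ()):
                nxt = state | {(target, obj, "read")}
                if nxt != state:
                    yield f"grant_read({subj},{obj},{target})", nxt
        if right == "read" and allow_redelegation:
            # delegate: a reader passes read access on to anyone else
            for target in SUBJECTS:
                if target == subj:
                    continue
                nxt = state | {(target, obj, "read")}
                if nxt != state:
                    yield f"delegate({subj},{obj},{target})", nxt


def check(initial, is_bad, allow_redelegation):
    """Breadth-first search of the reachable states.

    Returns (counterexample, explored): `counterexample` is the shortest
    command sequence leading to a state satisfying `is_bad`, or None if no
    reachable state does; `explored` is the number of distinct states seen.
    """
    start = frozenset(initial)
    parent = {start: None}                      # state -> (label, predecessor)
    queue = deque([start])
    while queue:
        state = queue.popleft()
        if is_bad(state):
            trace = []
            while parent[state] is not None:    # walk back to the initial state
                label, state = parent[state]
                trace.append(label)
            return trace[::-1], len(parent)
        for label, nxt in successors(state, allow_redelegation):
            if nxt not in parent:
                parent[nxt] = (label, state)
                queue.append(nxt)
    return None, len(parent)


def mallory_reads_secret(state):
    """The insecure state: the untrusted subject holds read on secret."""
    return ("mallory", "secret", "read") in state


if __name__ == "__main__":
    for redelegation in (True, False):
        trace, n = check(INITIAL, mallory_reads_secret, redelegation)
        print(f"redelegation={redelegation}: explored {n} states ->",
              "SAFE" if trace is None else " ; ".join(trace))
```

Because the search is exhaustive, a "SAFE" answer is a proof for this finite model, and the counterexample is exactly the command sequence a reviewer would replay against the real policy. Adding subjects, objects or rights makes the state count grow combinatorially, which is the state explosion of slide 9 and the reason symbolic and bounded techniques exist.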
  • 11. Software model checking
    - Tools for verifying source code combine many techniques: program analysis (slicing, range analysis); abstraction (e.g. abstract interpretation); model checking, SAT and SMT solving; refinement from counterexamples (CEGAR)
    - New challenges for model checking beyond finite-state reachability analysis: recursion gives pushdown control (pushdown systems, higher-order model checking); pointers, dynamic objects, inheritance, ...
    - A very active and emerging area
    - Abstraction-based tools: SLAM, BLAST; direct state encoding: CBMC, CheckFence
  • 12. Inductive proofs
    - Application of general-purpose specification and verification tools
    - Influential examples: L. Paulson, "The inductive approach to verifying cryptographic protocols", J. Comp. Sec. 98 (using Isabelle); L. Beringer et al., "Verified Correctness and Security of OpenSSL HMAC", USENIX Security 15
    - Tools: Coq, Isabelle, PVS, Automath, Agda, ...
  • 13. Types and security
    - We want to check the specification against the code; types can serve as the specification
    - A type system is part of nearly all mainstream languages; it is usually flow-insensitive, hence efficient
    - Relation with proof theory (for some functional languages and theorem provers): the Curry-Howard isomorphism, propositions as types and proofs as programs, so that proof checking is type checking; a typing derivation is essentially a natural-deduction-style proof
  • 14. Substructural types
    - Borrow ideas from substructural logics: affine logic, linear logic, relevant logic, ...
    - Key insight: restrict how a resource may be used (how many times, in what order, etc.)
    - Examples: linear type systems; affine types (Turner et al.); Hoare Type Theory (Nanevski, Morrisett and Birkedal)
  • 15. Flow-sensitive types
    - Extend standard type systems with flow-sensitive type qualifiers, used to encode flow information
    - J. Foster et al., "Flow-Sensitive Type Qualifiers", PLDI 02
    - S. Hunt and D. Sands, "On Flow-Sensitive Security Types", POPL 06
    - ...
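As an added example, not from the deck, of the flow-sensitive idea behind the Hunt and Sands paper: a security-type analysis for a tiny while-language. Statements and expressions are nested tuples, the lattice is just L < H, and the analysis threads a type environment through the program so that a variable's level can go up when it receives a secret and come back down when it is overwritten. The language encoding and the sample programs are constructed here.

```python
# Added example: flow-sensitive security typing for a toy imperative language.
# Lattice: LOW < HIGH.  Expressions are ints, variable names (str) or
# (op, left, right) tuples; statements are ("assign", x, e), ("seq", s1, s2, ...),
# ("if", cond, then, else) and ("while", cond, body).  All constructed here.
LOW, HIGH = "L", "H"


def join(a, b):
    """Least upper bound in the two-point lattice."""
    return HIGH if HIGH in (a, b) else LOW


def level_of(expr, env):
    """Security level of an expression: the join of the levels of its variables.
    Variables never assigned are assumed public (LOW)."""
    if isinstance(expr, int):
        return LOW
    if isinstance(expr, str):
        return env.get(expr, LOW)
    _, left, right = expr
    return join(level_of(left, env), level_of(right, env))


def join_env(env1, env2):
    """Pointwise join of two type environments (used where control flow merges)."""
    return {x: join(env1.get(x, LOW), env2.get(x, LOW)) for x in set(env1) | set(env2)}


def analyse(stmt, env, pc=LOW):
    """Return the environment after `stmt`.  `pc` is the level of the control
    context: inside a branch on a HIGH condition every assignment becomes HIGH,
    which is what catches implicit flows."""
    kind = stmt[0]
    if kind == "assign":
        _, x, e = stmt
        return {**env, x: join(level_of(e, env), pc)}   # x's old level is overwritten
    if kind == "seq":
        for s in stmt[1:]:
            env = analyse(s, env, pc)
        return env
    if kind == "if":
        _, cond, then_branch, else_branch = stmt
        pc2 = join(pc, level_of(cond, env))
        return join_env(analyse(then_branch, env, pc2), analyse(else_branch, env, pc2))
    if kind == "while":
        _, cond, body = stmt
        while True:                      # iterate to a fixpoint; levels only increase
            nxt = join_env(env, analyse(body, env, join(pc, level_of(cond, env))))
            if nxt == env:
                return env
            env = nxt
    raise ValueError(f"unknown statement kind {kind!r}")


def leaks(program, initial_env, public_outputs):
    """Names among `public_outputs` that end up HIGH, i.e. may depend on a secret."""
    final = analyse(program, dict(initial_env))
    return sorted(x for x in public_outputs if final.get(x, LOW) == HIGH)


# Constructed programs; `secret` starts HIGH, `pub` is the public output.
EXPLICIT = ("assign", "pub", "secret")
IMPLICIT = ("if", (">", "secret", 0), ("assign", "pub", 1), ("assign", "pub", 0))
LOOP = ("while", (">", "secret", 0), ("seq", ("assign", "pub", 1), ("assign", "secret", 0)))
# Accepted by a flow-sensitive system, rejected by a flow-insensitive one:
# tmp holds a secret for a while but is overwritten before it reaches pub.
REUSED_TEMP = ("seq", ("assign", "tmp", "secret"), ("assign", "tmp", 0),
               ("assign", "pub", "tmp"))

if __name__ == "__main__":
    for name, prog in [("explicit", EXPLICIT), ("implicit", IMPLICIT),
                       ("loop", LOOP), ("reused_temp", REUSED_TEMP)]:
        print(name, "leaks:", leaks(prog, {"secret": HIGH}, ["pub"]))
```

A flow-insensitive system would have to give tmp a single level for the whole program and would reject REUSED_TEMP; here tmp is HIGH after the first assignment and LOW after the second, so pub stays public. The caveat a practitioner should keep in mind: the pc is only raised inside the loop body, so the analysis says nothing about termination or timing channels (a program that loops on the secret and then assigns pub afterwards is typed as public).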
  • 16. Dependent types
    - Foundation of many theorem provers, and integrated into general-purpose programming languages
    - Theorem provers: Coq, Agda, F*, ...
    - General-purpose languages: lightweight support in Haskell, full support in Idris, ...
    - A variant, refinement types, has been studied intensively in recent years and is usually implemented on top of an SMT solver
  • 17. The story of SAT
    - Propositional satisfiability: given a formula over Boolean variables, is there an assignment of 0s and 1s to the variables that makes the formula true?
    - The canonical NP-complete problem (Cook 1971)
    - Enormous progress in tools, which now solve instances with thousands of variables and millions of clauses
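An added example, not from the deck, of the algorithm behind the solvers this slide describes: a minimal DPLL procedure (unit propagation plus case splitting) applied to a small constructed encoding of a separation-of-duty policy, the kind of access-control question that is routinely reduced to SAT. Variables are positive integers, a literal is a signed integer and a clause is a list of literals; the users, roles and policy are invented for the illustration.

```python
# Added example: a minimal DPLL SAT solver and a policy-analysis encoding.
# A literal is a non-zero int (negative = negated variable), a clause a list of
# literals, a formula (CNF) a list of clauses.

def assign(clauses, lit):
    """Simplify `clauses` under the assumption that `lit` is true.
    Satisfied clauses disappear; -lit is dropped from the rest.
    Returns None if some clause becomes empty (a conflict)."""
    out = []
    for clause in clauses:
        if lit in clause:
            continue
        reduced = [l for l in clause if l != -lit]
        if not reduced:
            return None
        out.append(reduced)
    return out


def dpll(clauses, model=None):
    """Return a satisfying assignment {var: bool}, or None if unsatisfiable."""
    model = dict(model or {})
    # Unit propagation: a one-literal clause forces that literal.
    while True:
        unit = next((c[0] for c in clauses if len(c) == 1), None)
        if unit is None:
            break
        model[abs(unit)] = unit > 0
        clauses = assign(clauses, unit)
        if clauses is None:
            return None
    if not clauses:                      # every clause satisfied
        return model
    var = abs(clauses[0][0])             # split on the first remaining variable
    for lit in (var, -var):
        reduced = assign(clauses, lit)
        if reduced is None:
            continue
        result = dpll(reduced, {**model, var: lit > 0})
        if result is not None:
            return result
    return None


def satisfies(clauses, model):
    """Check a model against the original formula (variables absent from the
    model did not matter to the solver and default to False)."""
    return all(any(model.get(abs(l), False) == (l > 0) for l in c) for c in clauses)


# Constructed encoding: users alice and bob, roles requester and approver.
# Variable v means "user holds role".
ALICE_REQ, ALICE_APP, BOB_REQ, BOB_APP = 1, 2, 3, 4
POLICY = [
    [ALICE_REQ, BOB_REQ],        # someone can request
    [ALICE_APP, BOB_APP],        # someone can approve
    [-ALICE_REQ, -ALICE_APP],    # separation of duty: nobody holds both roles
    [-BOB_REQ, -BOB_APP],
]
# A proposed role grant that must be checked against the policy.
GRANT_ALICE_BOTH = [[ALICE_REQ], [ALICE_APP]]


def policy_satisfiable(extra_clauses=()):
    """True if the policy together with `extra_clauses` has a model."""
    return dpll(POLICY + list(extra_clauses)) is not None


if __name__ == "__main__":
    print("policy alone:", dpll(POLICY))
    print("with alice holding both roles:", dpll(POLICY + GRANT_ALICE_BOTH))
```

The same shape (encode the system and the negation of the property, ask for a model, read the model back as a witness) is what bounded model checking does with a real solver; the difference is only that production solvers add clause learning, non-chronological backtracking and much better branching heuristics.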
  • 18. Security protocols
    - Applications: military communications, business communications, electronic commerce, privacy
    - Examples: Kerberos (MIT protocol for single sign-on to network services); SSL (Secure Socket Layer, used in web browsers); IPsec (standard suite of Internet protocols from the IETF); SET (Secure Electronic Transaction); PGP (Pretty Good Privacy)
    - Verification of security protocols has been, and still is, a very active research area
  • 19. Solutions to undecidability (protocol verification with unbounded sessions is undecidable in general)
    - Abstraction: tree automata (TA4SP), Horn clauses (ProVerif)
    - User help: logics (BAN, PCL, ...), or even interactive proving
    - Decidable subclasses
  • 20. File systems
    - File systems are complex and have bugs
    - Research on finding bugs: crash injection (e.g. EXPLODE, OSDI 06); symbolic execution (e.g. EXE, CCS 06); ...
    - Eliminating bugs by proving: BilbyFS (Keller et al. 14); UBIFS (Ernst et al. 13); FSCQ (with Crash Hoare Logic), SOSP 15
  • 21. Software model checking
    - Active area of research
    - Examples of tools: Bandera [Dwyer]: Java to SPIN/SMV/... using user-guided abstraction mapping, slicing and abstract interpretation; SLAM [Ball]: C to "Boolean programs", automatic abstraction refinement using predicate abstraction; Java PathFinder: Java model checking using a special JVM and model checker; SAGE: whitebox fuzzing driven by symbolic execution
    - Challenges: language features (function pointers, higher-order functions, ...); scalability: modular, incremental, parallel?
  • 22. Two main approaches in software model checking
    - Systematic software testing: control the execution of concurrent processes by intercepting the system calls related to communication, and automatically drive the entire system through many scenarios. Flexible and scalable (code-independent); counterexamples arise from actual code execution (sound); provides complete state-space coverage only up to some depth (incomplete)
    - Static analysis for automatic model extraction: parse the code to generate an abstract model which is then analysed by a model checker; the abstraction may or must be guided by the user. Coverage can be exhaustive (can be complete); abstraction may cause spurious counterexamples (unsound)
  • 23. Software model checking and logic
    - Key insight: let A be an abstract domain for static analysis; the elements of A act both as computational values and as logical assertions
    - Data-flow analysis, predicate abstraction and CEGAR-based model checking all exploit this coincidence
    - Unifying different approaches (deductive proving, SAT/SMT, abstract interpretation, model checking, ...): symbolic abstract interpretation (Thakur and Reps); abstract interpretation as automatic deduction (work in progress)
  • 24. Temporal logic
    - Recall the model checking section
  • 25. Belief logics: BAN logic
    - The BAN (Burrows, Abadi and Needham) logic
    - A modal logic of belief plus specialized predicates and inference rules
    - Protocol messages are idealized into logical statements
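An added example, not part of the deck, of how BAN inference rules are applied: four of the rules (message meaning for shared keys, nonce verification, belief in a conjunction, jurisdiction) implemented as forward chaining over formulas represented as nested tuples, run on an idealized version of the second message of the Needham-Schroeder shared-key protocol as seen by A. The formula encoding and the names Kas, Kab and Na are conventions chosen here.

```python
# Added example: a tiny forward-chaining engine for four BAN rules.
# Formulas are nested tuples:
#   ("believes", P, X)      P believes X
#   ("sees", P, X)          P sees X
#   ("said", P, X)          P once said X
#   ("controls", P, X)      P has jurisdiction over X
#   ("fresh", X)            X is fresh
#   ("sharedkey", K, P, Q)  K is a good key shared by P and Q
#   ("enc", X, K)           {X}_K
#   ("and", X, Y)           (X, Y)
# Principals, nonces and keys are plain strings.

def conjuncts(x):
    """Flatten nested ("and", ...) into the list of its components."""
    if isinstance(x, tuple) and x[0] == "and":
        return conjuncts(x[1]) + conjuncts(x[2])
    return [x]


def step(facts):
    """One round of rule application; returns the facts not already known."""
    new = set()
    for fact in facts:
        if fact[0] != "believes" or not isinstance(fact[2], tuple):
            continue
        _, p, x = fact
        if x[0] == "sharedkey":
            # Message meaning: P believes P <-K-> Q, P sees {X}_K  |-  P believes Q said X
            _, key, a, b = x
            other = b if a == p else a if b == p else None
            if other is not None:
                for g in facts:
                    if g[0] == "sees" and g[1] == p and g[2][0] == "enc" and g[2][2] == key:
                        new.add(("believes", p, ("said", other, g[2][1])))
        elif x[0] == "fresh":
            # Nonce verification: P believes fresh(X), P believes Q said (X, ...)
            # |- P believes Q believes (X, ...)   (a message with a fresh part is fresh)
            for g in facts:
                if (g[0] == "believes" and g[1] == p and isinstance(g[2], tuple)
                        and g[2][0] == "said" and x[1] in conjuncts(g[2][2])):
                    new.add(("believes", p, ("believes", g[2][1], g[2][2])))
        elif x[0] == "and":
            # Belief in a conjunction gives belief in each part
            for c in conjuncts(x):
                new.add(("believes", p, c))
        elif x[0] == "believes" and isinstance(x[2], tuple) and x[2][0] == "and":
            for c in conjuncts(x[2]):
                new.add(("believes", p, ("believes", x[1], c)))
        elif x[0] == "controls":
            # Jurisdiction: P believes Q controls X, P believes Q believes X  |-  P believes X
            if ("believes", p, ("believes", x[1], x[2])) in facts:
                new.add(("believes", p, x[2]))
    return new - facts


def closure(facts):
    """Apply the rules until nothing new can be derived."""
    facts = set(facts)
    while True:
        new = step(facts)
        if not new:
            return facts
        facts |= new


# Idealized message 2 of Needham-Schroeder (shared key), from A's point of view:
#   S -> A : {Na, A <-Kab-> B}_Kas
KAB = ("sharedkey", "Kab", "A", "B")
ASSUMPTIONS = {
    ("believes", "A", ("sharedkey", "Kas", "A", "S")),
    ("believes", "A", ("fresh", "Na")),
    ("believes", "A", ("controls", "S", KAB)),
}
MESSAGE = ("sees", "A", ("enc", ("and", "Na", KAB), "Kas"))
GOAL = ("believes", "A", KAB)


def a_trusts_key(assumptions, message):
    """Does A conclude that Kab is a good key for talking to B?"""
    return GOAL in closure(set(assumptions) | {message})


if __name__ == "__main__":
    print("with fresh nonce:", a_trusts_key(ASSUMPTIONS, MESSAGE))
    # Drop the freshness assumption: a replayed message no longer yields the goal.
    replay = ASSUMPTIONS - {("believes", "A", ("fresh", "Na"))}
    print("without freshness:", a_trusts_key(replay, MESSAGE))
```

The derivation the engine finds is the textbook one: message meaning gives "A believes S said (Na, Kab)", nonce verification lifts it to "A believes S believes (Na, Kab)", conjunction splits off Kab, and jurisdiction yields the goal. Removing the freshness assumption blocks the second step, which is how BAN exposes the replay problem: without a nonce A only learns that S said the key at some time, not that S currently believes in it.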
  • 26. Linear logic
    - J.-Y. Girard, "Linear logic", Theoretical Computer Science, 1987
    - Used to model state-transition systems; inspired other logics
    - Great impact on the logic (proof theory) and computer science (verification) communities
    - Applications to security: model checking with a linear-logic symbolic search tool (LLF, LICS 96); "A Linear Logic for Authorization and Knowledge", ESORICS 06; ...
  • 27. Bunched logic
    - By O'Hearn and Pym, with many variants (BI, CBI, BBI, etc.)
    - Bunched logics extend classical or intuitionistic logic with "linear" or multiplicative connectives borrowed from linear logic
    - Formulas can be understood as sets of "worlds" (often "resources") in an underlying model
    - Boolean BI (BBI) is the foundation of separation logic
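As an added example that is not part of the deck: the "formulas as sets of resources" reading with heaps as the resources. The checker below decides whether a concrete heap (a dict from address to value) satisfies a separation-logic assertion; the multiplicative conjunction P * Q holds when the heap splits into two disjoint parts satisfying P and Q respectively, which is the BBI semantics, while the additive "and" asks both questions of the same heap. The assertion syntax and the sample heaps are constructed here.

```python
from itertools import combinations

# Added example: satisfaction in the heap model of Boolean BI (separation logic).
# A heap is a dict {address: value}; assertions are tuples:
#   ("emp",)                   the empty heap
#   ("pointsto", a, v)         exactly one cell, a |-> v
#   ("true",)                  any heap
#   ("star", P, Q)             P * Q: the heap splits into disjoint parts satisfying P and Q
#   ("and", P, Q), ("not", P)  the classical (additive) connectives

def splits(heap):
    """Yield every way to split `heap` into two disjoint sub-heaps (h1, h2)."""
    addrs = sorted(heap)
    for size in range(len(addrs) + 1):
        for left in combinations(addrs, size):
            h1 = {a: heap[a] for a in left}
            h2 = {a: v for a, v in heap.items() if a not in h1}
            yield h1, h2


def sat(heap, phi):
    """Does `heap` satisfy assertion `phi`?"""
    kind = phi[0]
    if kind == "emp":
        return not heap
    if kind == "pointsto":
        return heap == {phi[1]: phi[2]}        # "precise" points-to: exactly this cell
    if kind == "true":
        return True
    if kind == "star":
        return any(sat(h1, phi[1]) and sat(h2, phi[2]) for h1, h2 in splits(heap))
    if kind == "and":
        return sat(heap, phi[1]) and sat(heap, phi[2])
    if kind == "not":
        return not sat(heap, phi[1])
    raise ValueError(f"unknown connective {kind!r}")


# Constructed heaps and assertions.
TWO_CELLS = {0x10: 7, 0x20: 9}
ONE_CELL = {0x10: 7}
P = ("pointsto", 0x10, 7)
Q = ("pointsto", 0x20, 9)


def examples():
    """Results that show the difference between * and the classical conjunction."""
    return {
        # the two cells really are separate
        "P * Q on two cells": sat(TWO_CELLS, ("star", P, Q)),
        # framing: P holds on some part, the rest is unconstrained
        "P * true on two cells": sat(TWO_CELLS, ("star", P, ("true",))),
        # a single cell cannot be split into two copies of itself: P * P is
        # unsatisfiable, which is why x |-> _ * x |-> _ rules out aliasing
        "P * P on one cell": sat(ONE_CELL, ("star", P, P)),
        # the additive conjunction just asks twice about the same heap
        "P and P on one cell": sat(ONE_CELL, ("and", P, P)),
        # points-to is precise: it does not hold on a larger heap ...
        "P on two cells": sat(TWO_CELLS, P),
        # ... but P * true does
        "P * true on one cell": sat(ONE_CELL, ("star", P, ("true",))),
    }


if __name__ == "__main__":
    for name, result in examples().items():
        print(f"{name}: {result}")
```

The enumeration of splits is exponential in the heap size and is only meant to make the semantics concrete; real separation-logic tools never enumerate heaps but reason symbolically with the frame rule, which is exactly the "P * true" case above: whatever holds of a part keeps holding when disjoint resources are added.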
  • 28. Affine logic
  • 29. Region logic
  • 30. The End
  • 31. References: Jonathan Millen, Rajeev Alur, Bruno Blanchet