Captains' Log: Language Based Security, Fall 2003

Wed August 20: Introduction to course. Brief Motivation followed by presentation of A Language-Based Approach to Security
Mon August 25: Amtoft: Part I (pages 1--27) of Walker's Presentation of Typed Assembly Language.
Wed August 27: Amtoft proved the auxiliary results (admissibility, canonical form) needed to establish type safety of the "vanilla" system presented last Monday.
Mon September 1: Student/University holiday
Wed September 3: Amtoft finished the proof of type safety for the TAL-0 system in Walker's Presentation of Typed Assembly Language, covered the TAL-1 system featuring polymorphism (pages 28--36), and embarked on the TAL-2 system featuring stacks (pages 38--43).
Mon September 8: Amtoft continued Walker's Presentation of Typed Assembly Language, finishing the TAL-2 system featuring stacks (pages 38--52) and also covering Type-Directed Compilation (pages 54--76).
Wed September 10: Amtoft started on Proof-Carrying Code, covering Necula's Presentation (here in postscript) and also listing the symbolic evaluator from Table 3 in Necula & Lee: Safe, Untrusted Agents using Proof-Carrying Code.
Mon September 15: Amtoft presented more example applications of Proof-Carrying Code, such as those found in Kedar's presentation (given in Walker's course on language-based security) and also the list sum program (adapted from George C. Necula: Proof-carrying code) where we generated the safety theorem using the "weakest precondition" method as well as using the "strongest postcondition" method. By incorporating time resources in the invariants, one can reason about termination; we discussed some of the pitfalls of that approach.
For a reading guide to Proof-Carrying Code (cf. our reading list), see Necula's annotated bibliography (though not up-to-date).
Wed September 17: Banerjee started on Information Flow Analysis, with a presentation based on Andrei Sabelfeld and Andrew C. Myers: Language-based Information-Flow Security.
Mon September 22: Banerjee continued Information Flow Analysis, proving (on the board) the non-interference property for while-loops.
Wed September 24: Banerjee presented a semantics and a type system for a Java-like language, using pages 1--25 of these slides.
Mon September 29: Motivated by the desire to prevent certain information leaks, Banerjee augmented the type system for a Java-like language with security levels, using pages 26--40 of these slides.
Background reading: Volpano & Smith: A Type-Based Approach to Program Security.
Wed October 1: No class (Banerjee in Germany)
Mon October 6: No class (Amtoft & Banerjee in Germany for a Dagstuhl seminar on language based security)
Wed October 8: No class (Amtoft & Banerjee in Germany for a Dagstuhl seminar on language based security)
Mon October 13: Student holiday
Wed October 15: Presentation by Banerjee on Banerjee & Naumann: Stack-based Access Control for Secure Information Flow.
Mon October 20: Gurvan Le Guernic presented the work by Andrew Myers and others on DLM, in particular A Decentralized Model for Information Flow Control and Complete, Safe Information Flow with Decentralized Labels.
Wed October 22: Gurvan continued his presentation.
Mon October 27: Sruthi Bandhakavi presents Bieber et al: Checking Secure Interactions of Smart Card Applets: extended version (a preliminary version is available here)
Wed October 29: Sruthi continued her presentation.
Mon November 3: Presentation by Georg Jung of Darvas & Hähnle & Sands: A Theorem Proving Approach to Analysis of Secure Information Flow.
Wed November 5: Georg Jung continues his presentation (also discussing some inference rules from Beckert: A Dynamic Logic for the Formal Verification of Java Card Programs).
Mon November 10: Presentation by Nithya Raveendran of Xavier Leroy: Bytecode verification on Java smart cards.
Wed November 12: Nithya Raveendran continued her presentation.
Mon November 17: Gurvan outlined his proposed project.
Wed November 19: Georg outlined his proposed project.
Mon November 24: Nithya and Sruthi gave a demo showing their experience with Coq, the tool to be used in both their projects.
Wed November 26: Student holiday
Week from December 1 to December 5: No classes; the students should work on their projects and when needed schedule one-on-one meetings with instructors.
Mon December 8: Student reports in

Torben Amtoft
Anindya Banerjee