C Program Partitioning with Fine-Grained Security Constraints and Post-Partition Verification

Maxwell Levatich, Robert Brotzman, Benjamin Flin, Ta Chen, R. Krishnan, S. Edwards
DOI: 10.1109/MILCOM55135.2022.10017451 (https://doi.org/10.1109/MILCOM55135.2022.10017451)
Venue: MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM)
Publication date: 2022-11-28
Citation count: 0

Abstract

We address the problem of program partitioning: dividing a program into isolated compartments that communicate via remote procedure calls to follow a security policy. Existing solutions for C programs often use a simple model that offers only “sensitive or not” control and do not provide formal guarantees of partition correctness. We present a C program partitioner for security-conscious applications that addresses these shortcomings through annotation with fine-grained security constraints (chiefly, declassification of sensitive data to select parties); from these annotations, we automatically determine a partition and auto-generate code for marshaling, serialization, and remote procedure calls. We provide post-partition verification, which leverages translation validation to show that output program partitions are behaviorally equivalent to their input programs and satisfy the security policy specified by annotations. We present results that show our approach is practical when partitioning large realistic C applications with non-trivial security constraints.