On Modular and Fully-Abstract Compilation

2016 IEEE 29th Computer Security Foundations Symposium (CSF) Pub Date : 2016-06-01 DOI:10.1109/CSF.2016.9

Marco Patrignani, Dominique Devriese, F. Piessens

{"title":"On Modular and Fully-Abstract Compilation","authors":"Marco Patrignani, Dominique Devriese, F. Piessens","doi":"10.1109/CSF.2016.9","DOIUrl":null,"url":null,"abstract":"Secure compilation studies compilers that generate target-level components that are as secure as their source-level counterparts. Full abstraction is the most widely-proven property when defining a secure compiler. A compiler is modular if it allows different components to be compiled independently and then to be linked together to form a whole program. Unfortunately, many existing fully-abstract compilers to untyped machine code are not modular. So, while fully-abstractly compiled components are secure from malicious attackers, if they are linked against each other the resulting component may become vulnerable to attacks. This paper studies how to devise modular, fully-abstract compilers. It first analyses the attacks arising when compiled programs are linked together, identifying security threats that are due to linking. Then, it defines a compiler from an object-based language with method calls and dynamic memory allocation to untyped assembly language extended with a memory isolation mechanism. The paper provides a proof sketch that the defined compiler is fully-abstract and modular, so its output can be linked together without introducing security violations.","PeriodicalId":6500,"journal":{"name":"2016 IEEE 29th Computer Security Foundations Symposium (CSF)","volume":"47 1","pages":"17-30"},"PeriodicalIF":0.0000,"publicationDate":"2016-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"32","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE 29th Computer Security Foundations Symposium (CSF)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSF.2016.9","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 32

Abstract

Secure compilation studies compilers that generate target-level components that are as secure as their source-level counterparts. Full abstraction is the most widely-proven property when defining a secure compiler. A compiler is modular if it allows different components to be compiled independently and then to be linked together to form a whole program. Unfortunately, many existing fully-abstract compilers to untyped machine code are not modular. So, while fully-abstractly compiled components are secure from malicious attackers, if they are linked against each other the resulting component may become vulnerable to attacks. This paper studies how to devise modular, fully-abstract compilers. It first analyses the attacks arising when compiled programs are linked together, identifying security threats that are due to linking. Then, it defines a compiler from an object-based language with method calls and dynamic memory allocation to untyped assembly language extended with a memory isolation mechanism. The paper provides a proof sketch that the defined compiler is fully-abstract and modular, so its output can be linked together without introducing security violations.

查看原文本刊更多论文

论模块化和全抽象编译

安全编译研究生成与源级对应组件一样安全的目标级组件的编译器。在定义安全编译器时，完全抽象是得到最广泛验证的属性。一个编译器是模块化的，如果它允许不同的组件独立编译，然后连接在一起形成一个完整的程序。不幸的是，许多现有的针对无类型机器代码的全抽象编译器并不是模块化的。因此，虽然完全抽象编译的组件是安全的，不会受到恶意攻击者的攻击，但如果它们相互链接，则生成的组件可能容易受到攻击。本文研究如何设计模块化的、全抽象的编译器。它首先分析编译程序链接在一起时产生的攻击，识别由于链接而产生的安全威胁。然后，定义了从具有方法调用和动态内存分配的基于对象的语言到具有内存隔离机制的扩展的无类型汇编语言的编译器。本文提供了一个证明草图，证明所定义的编译器是完全抽象和模块化的，因此它的输出可以链接在一起而不会引入安全违规。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 IEEE 29th Computer Security Foundations Symposium (CSF)

自引率

0.00%

发文量