Verification of Information Flow and Access Control Policies with Dependent Types

Aleksandar Nanevski, Anindya Banerjee, Deepak Garg
2011 IEEE Symposium on Security and Privacy
We present Relational Hoare Type Theory (RHTT), a novel language and verification system capable of expressing and verifying rich information flow and access control policies via dependent types. We show that a number of security policies which have been formalized separately in the literature can all be expressed in RHTT using only standard type-theoretic constructions such as monads, higher-order functions, abstract types, abstract predicates, and modules. Example security policies include conditional declassification, information erasure, and state-dependent information flow and access control. RHTT can reason about such policies in the presence of dynamic memory allocation, deallocation, pointer aliasing and arithmetic. The system, theorems and examples have all been formalized in Coq.
doi:10.1109/sp.2011.12 dblp:conf/sp/NanevskiBG11 fatcat:u3nu6iheibepxiw4xazgbmutye