首页> 外文会议>NASA formal methods. >On the Development and Formalization of an Extensible Code Generator for Real Life Security Protocols

【24h】

On the Development and Formalization of an Extensible Code Generator for Real Life Security Protocols

机译：面向现实生活安全协议的可扩展代码生成器的开发和形式化

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

This paper introduces Expi2Java, a new code generator for cryptographic protocols that translates models written in an extensible variant of the Spi calculus into executable code in a substantial fragment of Java, featuring concurrency, synchronization between threads, exception handling and a sophisticated type system with generics and wildcards. Our code generator is highly extensible and customizable, which allows it to generate interoperable implementations of complex real life protocols from detailed verified specifications. As a case study, we have generated an interoperable implementation of TLS v1.0 client and server from a protocol model verified with Pro Verif. Furthermore, we have formalized the translation algorithm of Expi2Java using the Coq proof assistant, and proved that the generated programs are well-typed if the original models are well-typed. This constitutes an important step towards the first machine-checked correctness proof of a code generator for cryptographic protocols.

机译：本文介绍了Expi2Java，这是一种用于密码协议的新代码生成器，可以将在Spi演算的可扩展变体中编写的模型转换为Java实质片段中的可执行代码，具有并发性，线程之间的同步，异常处理和具有泛型的复杂类型系统和通配符。我们的代码生成器具有高度的可扩展性和可定制性，从而可以根据经过验证的详细规范生成复杂的现实生活协议的可互操作实现。作为案例研究，我们已经通过Pro Verif验证的协议模型生成了TLS v1.0客户端和服务器的可互操作实现。此外，我们使用Coq证明助手对Expi2Java的翻译算法进行了形式化验证，并证明了如果原始模型类型正确，则生成的程序也将具有良好类型。这是朝着用于密码协议的代码生成器进行第一个机器检查的正确性证明迈出的重要一步。

著录项

来源
《NASA formal methods.》|2012年|p.371-387|共17页
会议地点 Norfolk VA(US);Norfolk VA(US)
作者
Michael Backes; Alex Busenius; Catalin Hritcu;
展开▼
作者单位

Saarland University,MPI-SWS;

Saarland University;

Saarland University,University of Pennsylvania;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;计算技术、计算机技术;
关键词

相似文献

外文文献
中文文献
专利

1. A new approach to develop a dependable security case by combining real life security experiences (lessons learnt) with D-Case development process [J] . Vaise Patu, Shuichiro Yamamoto 電子情報通信学会技術研究報告. 知能ソフトウェア工学. Knowledge-Based Software Engineering . 2013,第71期

机译：通过结合现实生活中的安全经验（经验教训）和D-Case开发过程来开发可靠的安全案例的新方法
2. DEVELOPMENT OF AN AUGMENTED REALITY-BASED G-CODE GENERATOR IN A VIRTUAL CNC MILLING SIMULATION [J] . HWA JEN YAP, YUN SUEN PAI, SIOW-WEE CHANG, International Journal of Computer Science and Engineering . 2016,第6680期

机译：虚拟数控铣削仿真中基于增强现实的G代码生成器的开发
3. Secure Coding: Building Security into the Software Development Life Cycle [J] . Russell L. Jones, Abhinav Rastogi Information Systems Security . 2004,第5期

机译：安全编码：将安全性纳入软件开发生命周期
4. On the Development and Formalization of an Extensible Code Generator for Real Life Security Protocols [C] . Michael Backes, Alex Busenius, Catalin Hritcu International Symposium on NASA Formal Methods . 2012

机译：关于现实生活安全协议可扩展代码生成器的开发与正式化
5. Simple authentication and security layer incorporating extensible authentication protocol [D] . Kim, Myung-Sun 2007

机译：包含可扩展身份验证协议的简单身份验证和安全层
6. Correction: Development and validation protocol for an instrument to measure household water insecurity across cultures and ecologies: the Household Water InSecurity Experiences (HWISE) Scale [O] . 2019

机译：更正：针对各种文化和生态环境中的家庭水不安全性度量工具的开发和验证协议：家庭水不安全性体验（HWISE）量表
7. On the Development and Formalization of an Extensible Code Generator for Real Life Security Protocols [O] . Michael Backes, Alex Busenius 2013

机译：现实生命安全协议可扩展代码生成器的开发与形式化

On the Development and Formalization of an Extensible Code Generator for Real Life Security Protocols

摘要

著录项

相似文献

相关主题

期刊订阅