Skip to Main content Skip to Navigation
Conference papers

A Verified Information-Flow Architecture

Abstract : SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and flexible propagation and combination of tags as instructions are executed. The operating system virtualizes these generic facilities to present an information-flow abstract machine that allows user programs to label sensitive data with rich confidentiality policies. We present a formal, machine-checked model of the key hardware and software mechanisms used to control information flow in SAFE and an end-to-end proof of noninterference for this model.
Document type :
Conference papers
Complete list of metadata
Contributor : Ben Smyth Connect in order to contact the contributor
Submitted on : Sunday, December 15, 2013 - 5:05:03 PM
Last modification on : Friday, January 21, 2022 - 3:20:50 AM

Links full text



Arthur Azevedo de Amorim, Nathan Collins, André Dehon, Delphine Demange, Catalin Hritcu, et al.. A Verified Information-Flow Architecture. 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), 2014, San Diego, CA, United States. ⟨10.1145/2535838.2535839⟩. ⟨hal-00918847⟩



Record views