期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

操作系统形式化设计与安全需求的一致性验证研究 被引量:6

Research on Consistency Verification of Formal Design and Security Requirements for Operating System
下载PDF
导出
摘要 采用数学形式化方法对操作系统进行设计和验证可以保证系统的高度安全性.目前已有的操作系统形式化研究工作主要是验证系统的实现在代码级的程序正确性.提出一种操作系统形式化设计和验证的方法,采用操作系统对象语义模型(OSOSM)对系统的设计进行形式化建模,使用带有时序逻辑的高阶逻辑对操作系统的安全需求进行分析和定义.对象语义模型作为系统设计和形式化验证的联系.以实现和验证过的可信微内核操作系统VTOS为实例,阐述形式化设计和安全需求分析,并使用定理证明器Isabelle/HOL①对系统的设计和安全需求的一致性进行验证,表明VTOS达到预期的安全性. The mathematical formal methods for operating system design and verification achievehigh assurance of system security.The existing formalization research works in the scope ofoperating system mainly focus on showing that an implementation complies with the program correctness in the code-level verification.In this paper,we propose a method for formal designand verification.We adopt the operating system object semantics model (OSOSM)for formal modeling of the system design,and analyze and define the security requirements using higher-order logic (HOL)with temporal logic (TL).We view OSOS Mas the link between systemdesign and formal verification,and take the self-implemented and verified trusted operating system (VTOS)as an example to illustrate formal design and analysis of security requirements.Meanwhile,we use the theorem prover Isabelle/HOL to verify the consistency between system design and security requirements,and show that VTOS achieves the desired security.
作者 钱振江 黄皓 宋方敏
机构地区 南京大学计算机科学与技术系 常熟理工学院计算机科学与工程学院 伦敦大学国王学院
出处 《计算机学报》 EI CSCD 北大核心 2014年第5期1082-1099,共18页 Chinese Journal of Computers
基金 国家自然科学基金创新研究群体基金(60721002) 江苏省"六大人才高峰"高层次人才项目(2011-DZXX-035) 江苏省高校自然科学研究项目(12KJB520001) CSLG科研项目(QT1312)资助~~
关键词 操作系统 形式化设计 安全需求 一致性验证 定理证明 信息安全 网络安全 operating system formal design security requirements consistency verification theorem proving information security network security
分类号 TP316 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献16

  • 1Klein G, Andronick J, Elphinstone K, et al. seL4: Formal verification of an operating-system kernel. Communications of the ACM, 2010, 53(6): 107-115. 被引量:1
  • 2Alkassar E, Hillebrand M A, Leinenbach D, et al. The Verisoft approach to systems verification//Proceedings of the 2nd Working Conference on Verified Software: Theories, Tools, and Experiments (VSTTE 2008). Toronto, Canada, 2008: 209-224. 被引量:1
  • 3Stampoulis A, Shao Z. Static and user-extensible proof checking//Proceedings of the 39th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2012). Philadelphia, USA, 2012:273-284. 被引量:1
  • 4Elphinstone K, Heiser G. From L3 to seL4 -- what have we learnt in 20 years of L4 microkernels?//Proceedings of the 24th ACM SIGOPS Symposium on Operating Systems Principles(SOSP 2013). Farmington, USA, 2013:133-150. 被引量:1
  • 5O~Sullivan B, Stewart D, Goerzen J. Real World Haskell. California: O'Reilly, 2008. 被引量:1
  • 6Nipkow T, Paulson L C, Wenzel M T. Isabelle/HOL: A Proof Assistant for Higher-Order Logic. Heidelberg: Springer, 2002. 被引量:1
  • 7Sewell T, Winwood S, Gammie P, et al. seL4 enforces integrity//Proceedings of the 2nd Conference on Interactive Theorem Proving (ITP 2011 ). Nijmegen, Netherlands, 2011:325-340. 被引量:1
  • 8Heiser G, Murray T, Klein G. It's time for trustworthy systems//Proceedings of the 33rd IEEE Symposium on Security & Privacy (S&P 2012). San Francisco, USA, 2012, 67-70. 被引量:1
  • 9Alkassar E, Cohen E, Hillebrand M A, et al. Verifying shadow page table algorithms//Proceedings of the 10th International Conference on Formal Methods in Computer Aided Design (FMCAD 2010). Lugano, Switzerland, 2010 : 267-270. 被引量:1
  • 10Baumann C, Bormer T, Blasum H, et ai. Proving memory separation in a microkerneI by code level verification// Proceedings of the 14th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops (ISORCW 2011). Newport Beach, USA, 2011:25-32. 被引量:1

二级参考文献18

  • 1周巢尘.形式语义学引论[M].长沙:湖南科学技术出版社,1985. 被引量:7
  • 2Abadi M,Budiu M, Erlingsson U,et al. Control-flowintegrity principles, implementations, and applications [J].ACM Trans on Information and System Security, 2009,13(1): 1-40. 被引量:1
  • 3Chen Ping, Xiao Hai,Shen Xiaobin, et al. DROP: Detectingreturn-oriented programming malicious code [C] //Proc of the5th Int Conf on Information Systems Security (ICISS'09).Berlin: Springer, 2009 : 163-177. 被引量:1
  • 4Chen Ping, Xiao Xing, Hao Han, et al. Efficient detection ofthe return-oriented programming malicious code [C] //Proc ofthe 6th Int Conf on Information Systems Security(ICISS,10).Berlin: Springer, 2010: 140-155. 被引量:1
  • 5Bevier W R. A verified operating system lernel [D]. Austin:University of Texas at Austin, 1987. 被引量:1
  • 6Klein G,Elphinstone K,Heiser G, et al. seL4: Formalverification of an OS kernel [C] //Proc of the 22nd ACMSymp on Operating Systems Principles ( SOSP'09 ). NewYork: ACM, 2009: 207-220. 被引量:1
  • 7Gargano M, Hillebrand M, Leinenbach D, et al. On thecorrectness of operating system kernels [G] //LNCS 3603 ?Proc of the 18th Int Conf on Theorem Proving in HigherOrVler Logics(TPHOLs,05). Berlin: Springer, 2005 : 1-16. 被引量:1
  • 8Stampoulis A,Shao Z. VeriML: Typed computation oflogical terms inside a language with effects [C] //Proc of the15th ACM SIGPLAN Int Conf on Functional Programming(ICFP’10). New York: ACM, 2010: 333-344. 被引量:1
  • 9Shapiro J, Doerrie M S, Northup E, et al. Towards averified, general-purpose operating system kernel [C] //Procof the 1st NICTA Workshop on Operating SystemVerification. Sydney: NICTA, 2004 : 1-19. 被引量:1
  • 10Shapiro J S, Smith J M, Farber D J. EROS: A fastcapability system [C] //Proc of 17th ACM Symp onOperating Systems Principles(SOSP,99). New York: ACM,1999: 170-185. 被引量:1

共引文献10

同被引文献42

引证文献6

二级引证文献13

计算机学报
2014年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部