Report on the NSF Workshop on Formal Methods for Security

The NSF workshop on Security and Formal Methods, held 19--20 November 2015, brought together developers of formal methods, researchers exploring how to apply formal methods to various kinds of systems, and people familiar with the security problem space.