cocon a conference management system with verified
play

CoCon: A Conference Management System with Verified Document - PowerPoint PPT Presentation

Mar 07, 2024 •233 likes •818 views

CoCon: A Conference Management System with Verified Document Confidentiality Sudeep Kanav Peter Lammich Andrei Popescu Technische Universit at M unchen Overview What? Overview What? Implementation of CoCon, a conf. manag. sys.

  1. CoCon: A Conference Management System with Verified Document Confidentiality Sudeep Kanav Peter Lammich Andrei Popescu Technische Universit¨ at M¨ unchen

  2. Overview What?

  3. Overview What? • Implementation of CoCon, a conf. manag. sys.

  4. Overview What? • Implementation of CoCon, a conf. manag. sys. • Verification in Isabelle of its information flow

  5. Overview What? • Implementation of CoCon, a conf. manag. sys. • Verification in Isabelle of its information flow Why?

  6. Overview What? • Implementation of CoCon, a conf. manag. sys. • Verification in Isabelle of its information flow Why? • Anonymity and integrity concerns

  7. Why It is our pleasure to inform you that your paper has been accepted to the IEEE Symposium of Security and Privacy (Oakland) 2012.

  8. Why It is our pleasure to inform you that your paper has been accepted to the IEEE Symposium of Security and Privacy (Oakland) 2012. We are sorry to inform you that your paper was not one of those accepted for this year’s conference. We apologize for an earlier ”acceptance” notification. It was due to a system error.

  9. Why It is our pleasure to inform you that your paper has been accepted to the IEEE Symposium of Security and Privacy (Oakland) 2012. We are sorry to inform you that your paper was not one of those accepted for this year’s conference. We apologize for an earlier ”acceptance” notification. It was due to a system error.

  10. Overview What? • Implementation of CoCon, a conf. manag. sys. • Verification in Isabelle of its information flow Why? • Anonymity and integrity concerns

  11. Overview What? • Implementation of CoCon, a conf. manag. sys. • Verification in Isabelle of its information flow Why? • Anonymity and integrity concerns • System with complex information flow

  12. Overview What? • Implementation of CoCon, a conf. manag. sys. • Verification in Isabelle of its information flow Why? • Anonymity and integrity concerns • System with complex information flow • Knowledge on how to approach similar systems

  13. CoCon’s Architecture code generation Isabelle Scala Specification Program REST Web Service Web Application

  14. CoCon’s Architecture code generation Isabelle Scala Specification Program REST Web Service Web Application http://vmnipkow1.informatik.tu-muenchen.de Used it for Isabelle 2014 Workshop

  15. System Specification Multi-user, multi-conference system • Users: ID and password • State: papers, authors, reviews, discussions, notifications, . . . • Actions: register paper, upload new version , bid on papers (if committee), assign reviewer (if chair), . . . • Outputs: download paper, read review, list committee members, . . .

  16. End Product of System Specification step : state → act → out × state

  17. Verified Confidentiality Properties What, when, by whom

  18. Verified Confidentiality Properties What, when, by whom can be learned about

  19. Verified Confidentiality Properties What, when, by whom can be learned about the documents in the system (papers, reviews, discussions, preferences)

  20. Source Declassification Trigger Declassification Bound Paper Paper Authorship Last Uploaded Version Content Paper Authorship or PC Membership B Nothing Last Edited Version Review Review Authorship Before Discussion and All the Later Versions Review Authorship or Last Edited Version Non-Conflict PC Membership D Before Notification Review Authorship or Non-Conflict PC Membership D or Nothing PC Membership N or Paper Authorship N Discussion Non-Conflict PC Membership Nothing Decision Non-Conflict PC Membership Last Edited Version Non-Conflict PC Membership or PC Membership N or Paper Authorship N Nothing Reviewer Non-Conflict PC Membership Non-Conflict PC Membership R Assignment of Reviewers and to Paper Number of Reviewers Non-Conflict PC Membership R or Non-Conflict PC Membership Paper Authorship N of Reviewers Phase Stamps: B = Bidding, D = Discussion, N = Notification, R = Review

  21. Source Declassification Trigger Declassification Bound Paper Paper Authorship Last Uploaded Version Content Paper Authorship or PC Membership B Nothing Last Edited Version Review Review Authorship Before Discussion and All the Later Versions Review Authorship or Last Edited Version Non-Conflict PC Membership D Before Notification Review Authorship or Non-Conflict PC Membership D or Nothing PC Membership N or Paper Authorship N Discussion Non-Conflict PC Membership Nothing Decision Non-Conflict PC Membership Last Edited Version Non-Conflict PC Membership or PC Membership N or Paper Authorship N Nothing Reviewer Non-Conflict PC Membership Non-Conflict PC Membership R Assignment of Reviewers and to Paper Number of Reviewers Non-Conflict PC Membership R or Non-Conflict PC Membership Paper Authorship N of Reviewers Phase Stamps: B = Bidding, D = Discussion, N = Notification, R = Review

  22. Source Declassification Trigger Declassification Bound Paper Paper Authorship Last Uploaded Version Content Paper Authorship or PC Membership B Nothing Last Edited Version Review Review Authorship Before Discussion and All the Later Versions Review Authorship or Last Edited Version Non-Conflict PC Membership D Before Notification Review Authorship or Non-Conflict PC Membership D or Nothing PC Membership N or Paper Authorship N Discussion Non-Conflict PC Membership Nothing Decision Non-Conflict PC Membership Last Edited Version Non-Conflict PC Membership or PC Membership N or Paper Authorship N Nothing Reviewer Non-Conflict PC Membership Non-Conflict PC Membership R Assignment of Reviewers and to Paper Number of Reviewers Non-Conflict PC Membership R or Non-Conflict PC Membership Paper Authorship N of Reviewers Phase Stamps: B = Bidding, D = Discussion, N = Notification, R = Review

  23. Source Declassification Trigger Declassification Bound Paper Paper Authorship Last Uploaded Version Content Paper Authorship or PC Membership B Nothing Last Edited Version Review Review Authorship Before Discussion and All the Later Versions Review Authorship or Last Edited Version Non-Conflict PC Membership D Before Notification Review Authorship or Non-Conflict PC Membership D or Nothing PC Membership N or Paper Authorship N Discussion Non-Conflict PC Membership Nothing Decision Non-Conflict PC Membership Last Edited Version Non-Conflict PC Membership or PC Membership N or Paper Authorship N Nothing Reviewer Non-Conflict PC Membership Non-Conflict PC Membership R Assignment of Reviewers and to Paper Number of Reviewers Non-Conflict PC Membership R or Non-Conflict PC Membership Paper Authorship N of Reviewers Phase Stamps: B = Bidding, D = Discussion, N = Notification, R = Review

  24. Source Declassification Trigger Declassification Bound Paper Paper Authorship Last Uploaded Version Content Paper Authorship or PC Membership B Nothing Last Edited Version Review Review Authorship Before Discussion and All the Later Versions Review Authorship or Last Edited Version Non-Conflict PC Membership D Before Notification Review Authorship or Non-Conflict PC Membership D or Nothing PC Membership N or Paper Authorship N Discussion Non-Conflict PC Membership Nothing Decision Non-Conflict PC Membership Last Edited Version Non-Conflict PC Membership or PC Membership N or Paper Authorship N Nothing Reviewer Non-Conflict PC Membership Non-Conflict PC Membership R Assignment of Reviewers and to Paper Number of Reviewers Non-Conflict PC Membership R or Non-Conflict PC Membership Paper Authorship N of Reviewers Phase Stamps: B = Bidding, D = Discussion, N = Notification, R = Review

  25. Source Declassification Trigger Declassification Bound Paper Paper Authorship Last Uploaded Version Content Paper Authorship or PC Membership B Nothing Last Edited Version Review Review Authorship Before Discussion and All the Later Versions Review Authorship or Last Edited Version Non-Conflict PC Membership D Before Notification Review Authorship or Non-Conflict PC Membership D or Nothing PC Membership N or Paper Authorship N Discussion Non-Conflict PC Membership Nothing Decision Non-Conflict PC Membership Last Edited Version Non-Conflict PC Membership or PC Membership N or Paper Authorship N Nothing Reviewer Non-Conflict PC Membership Non-Conflict PC Membership R Assignment of Reviewers and to Paper Number of Reviewers Non-Conflict PC Membership R or Non-Conflict PC Membership Paper Authorship N of Reviewers Phase Stamps: B = Bidding, D = Discussion, N = Notification, R = Review

  26. Bounded-Deducibility Security ϕ : Event → Bool f : Event → Val V = ”filter with ϕ , then apply f , event-wise” List(Event) Nothing Nothing Nothing List(Val) Nothing Nothing Nothing List(Obs)

  27. Bounded-Deducibility Security ϕ : Event → Bool f : Event → Val V = ”filter with ϕ , then apply f , event-wise” V List(Event) Nothing Nothing Nothing List(Val) Nothing Nothing Nothing List(Obs)

  28. Bounded-Deducibility Security γ : Event → Bool g : Event → Obs E = ”filter with γ , then apply g , event-wise” V List(Event) Nothing Nothing Nothing List(Val) Nothing Nothing E Nothing List(Obs)

  29. Bounded-Deducibility Security T : Event → Bool B relation on List(Val) Unless T occurs, E can learn nothing about V beyond B V List(Event) Nothing Nothing Nothing List(Val) T Nothing Nothing E Nothing List(Obs)

Recommend

ModelPlex: Verified Runtime Validation of Verified Cyber-Physical System Models Stefan Mitsch

ModelPlex: Verified Runtime Validation of Verified Cyber-Physical System Models Stefan Mitsch

ModelPlex: Verified Runtime Validation of Verified Cyber-Physical System Models Stefan Mitsch Andr e Platzer Computer Science Department, Carnegie Mellon University RV14, Sept. 24, 2014 Simplex for Hybrid System Models Stefan Mitsch ,

844 views • 50 slides
Verified Runtime Validation of Verified Cyber-Physical System Models Stefan Mitsch Andr e

Verified Runtime Validation of Verified Cyber-Physical System Models Stefan Mitsch Andr e

Verified Runtime Validation of Verified Cyber-Physical System Models Stefan Mitsch Andr e Platzer Computer Science Department, Carnegie Mellon University CPS V&V I&F Workshop, Dec. 12, 2014 For Details, see ModelPlex paper at

504 views • 27 slides
VeriPhy: Verified Controller Executables from Verified Cyber-Physical System Models Brandon Bohrer

VeriPhy: Verified Controller Executables from Verified Cyber-Physical System Models Brandon Bohrer

VeriPhy: Verified Controller Executables from Verified Cyber-Physical System Models Brandon Bohrer 1 , Yong Kiam Tan 1 , Stefan Mitsch 1 , Magnus O. Myreen 2 , and Andr e Platzer 1 Carnegie Mellon University 1 Chalmers University of Technology 2

672 views • 44 slides
CFSCQ: Extending a verified file system with concurrency Tej Chajed advised by Frans Kaashoek

CFSCQ: Extending a verified file system with concurrency Tej Chajed advised by Frans Kaashoek

SRC #14 CFSCQ: Extending a verified file system with concurrency Tej Chajed advised by Frans Kaashoek and Nickolai Zeldovich 1 Goal: verify a concurrent file system Existing verified file systems are sequential e.g. , FSCQ,

404 views • 12 slides
Verified Volunteers Verified Volunteers New Volunteer Screening Coordinator Irene Lazarus

Verified Volunteers Verified Volunteers New Volunteer Screening Coordinator Irene Lazarus

From the office of Texas Conference of SDA Human Resources ___________________________________ Verified Volunteers Verified Volunteers New Volunteer Screening Coordinator Irene Lazarus She will be working with every church and

279 views • 5 slides
Verified Cruise Control on RC Vehicle Shashank Ojha and Yufei Wang 1/17 Objective Implement a

Verified Cruise Control on RC Vehicle Shashank Ojha and Yufei Wang 1/17 Objective Implement a

Verified Cruise Control on RC Vehicle Shashank Ojha and Yufei Wang 1/17 Objective Implement a verified model (static POV system) on real hardware Fill the gap between theory & practice 2/17 Motivation Cruise Control system is

209 views • 17 slides
Verified Boot: From ROM to Userspace ROM-Code Bootloader Kernel Root File System ELC Europe

Verified Boot: From ROM to Userspace ROM-Code Bootloader Kernel Root File System ELC Europe

Verified Boot: From ROM to Userspace ROM-Code Bootloader Kernel Root File System ELC Europe 2016, 12.10.2016 Marc Kleine-Budde <mkl@pengutronix.de> Slide 1 - http://www.pengutronix.de - 13.10.2016 Why Verified Boot? Attractive hacking

774 views • 20 slides
Mixed-Mode Sample i d d l Management System: An Management System: An Early Glance Gina

Mixed-Mode Sample i d d l Management System: An Management System: An Early Glance Gina

Mixed-Mode Sample i d d l Management System: An Management System: An Early Glance Gina Cheung The 11th International Blaise Conference Annapolis, Maryland September 2007 Four Powerful Social and Economic Forces 1 1. From homogeneity

441 views • 23 slides
JACoW Team Meeting JACoW Database Scientific Program Management System (SPMS) Conference System

JACoW Team Meeting JACoW Database Scientific Program Management System (SPMS) Conference System

JACoW Team Meeting JACoW Database Scientific Program Management System (SPMS) Conference System Functionality Matt Arena, Fermi National Accelerator Laboratory System Requirements Oracle 9i Database File Server Standard Edition.

324 views • 10 slides
Cocon: A Type Theory for Defining Logics and Proofs Brigitte Pientka McGill University

Cocon: A Type Theory for Defining Logics and Proofs Brigitte Pientka McGill University

Cocon: A Type Theory for Defining Logics and Proofs Brigitte Pientka McGill University Montreal, Canada What are good high-level proof languages that make it easier to mechanize metatheory? What are good high-level proof languages that make

840 views • 59 slides
Kaizen: Building a Performant Blockchain System Verified for Consensus and Integrity Faria Kalim

Kaizen: Building a Performant Blockchain System Verified for Consensus and Integrity Faria Kalim

Kaizen: Building a Performant Blockchain System Verified for Consensus and Integrity Faria Kalim , Karl Palmskog , Jayasi Mehar , Adithya Murali , P. Madhusudan and Indranil Gupta University of Illinois at

423 views • 21 slides
Showing a CakeML program is safe CakeML A verified implementation of ML Formally

Showing a CakeML program is safe CakeML A verified implementation of ML Formally

First steps towards a semantic type system for CakeML Hrutvik Kanabar 1 January 23, 2020 University of Kent 1 Supervised by Scott Owens. Supported by the UK Research Institute in Verified Trustworthy Software Systems (VeTSS). Showing a CakeML

425 views • 28 slides
Verified Cyber-Physical Systems [FM11] 2 Verified Cyber-Physical Systems x l x j

Verified Cyber-Physical Systems [FM11] 2 Verified Cyber-Physical Systems x l x j

Differential Refinement Logic Sarah M. Loos and Andr Platzer Computer Science Department Carnegie Mellon University 1 Verified Cyber-Physical Systems [FM11] 2 Verified Cyber-Physical Systems x l x j p x k x i

1.97k views • 179 slides
Sego: Pervasive Trusted Metadata for Efficiently Verified Untrusted System Services Youngjin Kwon

Sego: Pervasive Trusted Metadata for Efficiently Verified Untrusted System Services Youngjin Kwon

Sego: Pervasive Trusted Metadata for Efficiently Verified Untrusted System Services Youngjin Kwon , Alan Dunn, Michael Lee, Owen Hofmann, Yuanzhong Xu, Emmett Witchel 1 Securing OS is difficult OS vulnerabilities in 2014 from national

1.06k views • 78 slides
Verified Switched Control System Design using Real- Time Hybrid Systems Reachability Stanley

Verified Switched Control System Design using Real- Time Hybrid Systems Reachability Stanley

Verified Switched Control System Design using Real- Time Hybrid Systems Reachability Stanley Bak, Taylor Johnson, Marco Caccamo, Lui Sha Air Force Research Lab Information Directorate Rome, NY DISTRIBUTION A. Approved for public

778 views • 40 slides
Clean Technology Startups Management Flight Simulator System Dynam ics Conference 2 0 0 9 Joe

Clean Technology Startups Management Flight Simulator System Dynam ics Conference 2 0 0 9 Joe

Clean Technology Startups Management Flight Simulator System Dynam ics Conference 2 0 0 9 Joe Hsueh, David Miller and John Sterman MIT Sloan School of Management DRAFT COPY DRAFT Research Question/Teaching Purpose What are the dynamics

393 views • 13 slides
Health Management System PowerSchool Fall Conference August 2 & 3, 2010 1 Wayne Wiens

Health Management System PowerSchool Fall Conference August 2 & 3, 2010 1 Wayne Wiens

Health Management System PowerSchool Fall Conference August 2 & 3, 2010 1 Wayne Wiens wwiens@esu9.org ESU 9 Documents can be downloaded from http://public.me.com/wwiens 2 Health Management System has four areas: 1. Immunizations

226 views • 19 slides
Management System Pre-Proposal Conference for RFP #: FIN122210CK January 25, 2011 1 Agenda

Management System Pre-Proposal Conference for RFP #: FIN122210CK January 25, 2011 1 Agenda

Judicial Branch Enterprise Document Management System Pre-Proposal Conference for RFP #: FIN122210CK January 25, 2011 1 Agenda Welcoming Remarks Conference Protocol Team Introductions /Roll Call Judicial Branch Overview AOC

242 views • 20 slides
The Seed System Production and Quality Management Hemispheric Conference Low Level Presence in

The Seed System Production and Quality Management Hemispheric Conference Low Level Presence in

The Seed System Production and Quality Management Hemispheric Conference Low Level Presence in Seed San Jose, Costa Rica June 12, 2013 Patty Townsend, Canadian Seed Trade Association Wendelyn Jones, DuPont Pioneer The Seed System The Seed

516 views • 23 slides
Lollipop MR1 Verified Boot Andrew Boie Open Source Technology Center Intel Corporation Agenda

Lollipop MR1 Verified Boot Andrew Boie Open Source Technology Center Intel Corporation Agenda

Lollipop MR1 Verified Boot Andrew Boie Open Source Technology Center Intel Corporation Agenda What is Verified Boot? Description of Verified Boot Components Q&A What Is Verified Boot? Verified Boot establishes a chain of

432 views • 19 slides
ModelPlex: Verified Runtime Monitors and Verified Test Oracles for Safety of Cyber-Physical

ModelPlex: Verified Runtime Monitors and Verified Test Oracles for Safety of Cyber-Physical

ModelPlex: Verified Runtime Monitors and Verified Test Oracles for Safety of Cyber-Physical Systems Stefan Mitsch Computer Science Department, Carnegie Mellon University CPS V&V I&F Workshop 2017 May 12, 2017 joint work with Andr e

537 views • 31 slides
Formally Verified Cryptographic Web Applications J. Protzenko et al. MSR + INRIA Verified

Formally Verified Cryptographic Web Applications J. Protzenko et al. MSR + INRIA Verified

Formally Verified Cryptographic Web Applications J. Protzenko et al. MSR + INRIA Verified Cryptographic Web Applications in WASM May. 22 st , 2019 1 / 22 in WebAssembly Jonathan Protzenko Microsoft Research Benjamin Beurdouche INRIA

1.5k views • 57 slides
A NEXT -GEN LEARNING MANAGEMENT SYSTEM WHAT IS LMS? A Learning Management System (LMS) is a

A NEXT -GEN LEARNING MANAGEMENT SYSTEM WHAT IS LMS? A Learning Management System (LMS) is a

A NEXT -GEN LEARNING MANAGEMENT SYSTEM WHAT IS LMS? A Learning Management System (LMS) is a software application or Web based technology used to plan, implement and assess a specific learning process. LMS includes Teacher and Student

493 views • 24 slides
Cache Storage Channels Alias-driven Attacks Formally Verified Platforms Formally Verified

Cache Storage Channels Alias-driven Attacks Formally Verified Platforms Formally Verified

Roberto Guanciale Mads Dam Hamed Nemati Christoph Baumann Cache Storage Channels Alias-driven Attacks Formally Verified Platforms Formally Verified Platforms Caches Excluded Formally Verified from the analysis Platforms Caches Excluded

675 views • 64 slides

More recommend