New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here


by: Cleora Stiedemann


Marketplace > Rice University > ComputerScienence > COMP 527 > COMPUTER SYSTEMS SECURITY
Cleora Stiedemann
Rice University
GPA 3.72

Dan Wallach

Almost Ready


These notes were just uploaded, and will be ready to view shortly.

Purchase these notes here, or revisit this page.

Either way, we'll remind you when they're ready :)

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

Dan Wallach
Class Notes
25 ?




Popular in Course

Popular in ComputerScienence

This 19 page Class Notes was uploaded by Cleora Stiedemann on Monday October 19, 2015. The Class Notes belongs to COMP 527 at Rice University taught by Dan Wallach in Fall. Since its upload, it has received 56 views. For similar materials see /class/224951/comp-527-rice-university in ComputerScienence at Rice University.

Similar to COMP 527 at Rice University




Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 10/19/15
JPui EhXg Emmi 39 Wait 11mm ik mm 0M rtc rLl x ib f we r a lgm w kn mmhmm g ym39rm mum 3 s Qimi hgg mg Rh Mocl l Checking 7 Can be 51 V l td i j 3 Q11 5 39 v Mw mn gmwm 39JFEO Im gamimxcu Wm Tg pm amaze lm fr m f 2 mmm y C1 4 my MLVLBX EY was m swr l mow ligwgv a v b v Him 9 W quot m milm W163 Q I F m 3 WWW hE W mmgt analxrymsm decrypt message pattern Q 9 1g 7 Emma mm mmsz 2311 mm mm w m gimmmmlquot V s Emw ym Wmm amm smd m 4 Still need to formalize rks correctly sb nf lw vw is WM mag max gmwsm nwttmz 331 mam misa 339 mam was gt I his protocol safe s it robustly safe may r wmuam Mamasmat Mrzzli i raw n Not robustly safe An attacker can replay enczypted messages maxim rm am 19er lt9 113132 For 679 m7 eff i212 MAM rm mange as Liam m 1 Robust SafetV The pronch e even in the presence ofazl t1 azy opponenth 0c all 3 r Mama af rm ma a m ham la gg 132th aim was awmiml e wiin M an 39 39 exam meme 5mm 07 m ms mm mg a m 3 WWme n um um s is 11gt awnminhm ism21 amdmiuly W s MM M rman wj lg g w 3 Simiame m Wu h ad ammm am am am a awhmwmmmw m m mi m tW 1524 l awil all m mrmw E Mucnww mmwi 7 Lump Wtf39 v mama szn39 l mwdf iwa l v M gt 1 kg 25 mm Immwam may Waugh ng mim mmmmaw quotism 39 sev mj amt126 Rik2 H new 11 9 vubtract check n H i 39K m 3 imamva masi nwv unuimzs l m m 1 L W V A quotL 3mm 2mm 3 WWquot Lqum Nimimm lt9 W 1mm mm pikamanw mm le A em 1w E s hmg 39 mwmmwmmm 7 More extell ible 1 131de ngwmmmca um csmpmgjmwm prmmui 1 o Sinjmi u y Hamth 39 71ch am mama mm W a mm m amm Include a protocol conlpilerflntemreter mmmmc 7 ass mam mma l cm i Laggingin am 116 mm ip mmrmk jammy aw mammmm in Am agamr mm 1mm by mixing Rama a I I I mam El mm my LG i i wg 13m l b aam mm t Trust effect tatements LE m mm Gypsy Overview Gypsy and the GVE John McHugh Portland State University mchughcspdxedu Formal Methods in Computer Security 1999 Gypsy Overview reSources Gypsy is installed in the class directory homecomp527bingve D 39isin 77 quot 39 The manuals that are most useful are reportOOlcgypsy205ps This is the Gypsy language reference manual reportOOZgypsymethodologyps This provides a tutorial with several examples showing how the gve is used reportOlZgiftmanualps This is the manual for the Gypsy Information Flow Tool GIFT The directory contains numerous other manuals and internal notes from OH Formal Methods in Computer Security 1999 Formal Methods in Computer Security 1999 Gypsy Overview Overview and History The Gypsy Verification Environment was built at UT Austin by the Institute for Computing Science and Computing Applications under the direction of Don Good with funding from NSA Work started in the late 19705 and continued until about 1986 when the Gypsy group left UT to form Computational Logic Inc Gve work at CLI continued into the mid 19905 when NSA discontinued support Early versions ran on DEC 105 and 205 Ports to LISP machines occurred in the mid 805 to Suns in the late 805 During the 805 and early 905 the GVE was widely used as a modeling and verification tool for secure systems design Gypsy Overview Formal Methods in Computer Security 1999 The gve The Gypsy verification environment integrated parsing compiling and proof functions with 39 based 39 39 The incremental methods allowed preservation of proof effort in the face of code or specification changes Maj or components include Parser syntax and semantic passes Verification Condition generator Symbolic Evaluator and interactive theorem prover Database Code generator common Bliss output Code optimizer Information flow tool Incremental analysis Gypsy Overview What good was it Gypsy was used on a variety of research and production projects The driving example at UT was a cryptographic interface to the ARPANET first with NCP then TCPIP The GVE was used to verify non kernel portions of the SCOMP trusted computing base The SCOMP was certified at Al by NSA Begun as a research project the message flow modulator a guard processor was redone as a fully verified product but never deployed Multinet gateway deployed during desert storm was specified in Gypsy Model code written in gypsy was hand translated to C using the Gypsy optimizer to justify exception suppression The Secure Computing Corp LOCK processor was T specified in Gypsy and a covert channel analysis used the GIF Formal Methods in Computer Security 1999 Gypsy Overview More applications Andy Moore now at N39RL andl developed a security policy model for what became the VSLAN Verdix Secure LAN This was Andy s MS thesis I modeled parts of the X windows protocols while working on a B3 certifiable windowing system project with TRW and TlS A derivative of this was used in TMACH Formal Methods in Computer Security 1999 Formal Methods in Computer Security 1999 Gypsy Overview Other systems I use Gypsy because it is of historical interest and still represents the only extant integrated environment for code verification Nontheless it is crude and a bit clunky If you want to use a more up to date system for manipulating specifications of the same general sort try PVS from SRI International ACLZ from UT is a verifiable LISP based on the work of Bob Boyer and J Moore For state based systems there are several model checking systems that are used for both hardware and software especially protocols verification Gypsy Overview Formal Methods in Computer Security 1999 The Gypsy Language The original charge to the UT group was to extract a verifiable subset of Pascal This was harder than expected and Gypsy is based on Pascal but with differences No pointers No global variables No direct IO buffers to environment processes communicating via message passing buffers set sequence and mapping types scoped declarations packaging exception sem antics specification statements Gypsy Overview A simple example The next slides intersperse fragments of a program to find the smallest elem ent in an array with observations on the language Note that this program does not have 10 or concurrency It also has nothing to do with security Friday s example will show us a simple secure file system Formal Methods in Computer Security 1999 Gypsy Example scope minimum jrocedure begin procedure lociofimin varl index a intiarray i j index egin vark index i l i loop ifk j then leave end k k 1 if ak lt al then 1 k end en end name type index intiarray from integeriarrayitypes end scope minimum jrocedure Formal Methods in Computer Security 1999 Gypsy Overview Observations The scope statement restricts the scope of potentially global declarations of proceedures types constants etc The name statem ent allows explicit control over importing names from other scopes but not over exporting misfeature Parameters declared as var may be modified A general purpose loop is provided with a leave statement for exit Formal Methods in Computer Security 1999 11 Gypsy Overview Gypsy Example scope integeriarrayitypes begin type intiarray array index of som eiint type index integerloiindex hiiindex const loiindex integer 0 const hiiindex integer 63 type som eiint integerloiint hiiint const loiint integer 1000 const hiiint integer 1000 end scope integeriarrayitypes Formal Methods in Computer Security 1999 12 Gypsy Overview Observations Types and constants may be declared Note that constants are given values This can be avoided by using the construct pending as in const loiindex integer pending const hiiindex integer pending This will cause proof problems as we will see later because it is possible to refine these definitions in such a way as to produce an ill form ed program The developers of the GVE became more than a little paranoid about allowing a user to prove false and this results in some IMHO silly restrictions Formal Methods in Computer Security 1999 13 Gypsy Overview Gypsy Example extending scope minimumlyrocedure e in procedure lociofimin varl index a intiarray i j index egin entry i le j exit isiminimum al a i j amp l in ij var k index i l i loop assert isiminimum al a i k amp l in ij amp k in ij ifk j then leave end k k 1 if ak lt al then 1 k end en end39 name function isiminimum from minimumispecs end scope minimumlyrocedure Formal Methods in Computer Security 1999 14 Gypsy Overview Observations The GVE stores intermediate results in an internal database The extending construct tells the system that a previously defined scope is being modified This may invalidate proofs as well as change definitions Note the entry and exit specification statements Entry specs are assumed true upon entry to the procedure but must be proven to hold at calling sites Exit specs must be proven from the entry and the effect of the procedure body The assert statem ent can appear anywhere in the body of the routine but an assert statement must lie in each path through a loop The assertion must be proven from the path to it which may start with the same assertion Note the specification function isiminimum Formal Methods in Computer Security 1999 Gypsy Overview Gypsy Example scope minimumispecs begin function isiminimum m someiint a intiarray p q index boolean pending name type someiint intiarray index from integeriarrayitypes end scope minimumispecs Formal Methods in Computer Security 1999 Gypsy Overview Observation Note that the function isim inimum has no body and is declared pending Later on we will add some lemmas to specify its behavior Boolean functions are often used for specification The use of pending will be tracked as a reminder that we have not yet finished our job In this case we will never give a body to the function Formal Methods in Computer Security 1999 Gypsy Overview Gypsy Example extending scope minimumispecs begin lemma singletonimin a intiarray p index assume isiminimum ap a p p lemma extendioldiminiup m someiint a intiarray p q index assume isiminimum m a p q l amp m le aq gt isiminimum m a p q lemma extendinewiminiup m someiint a intiarray p q index assume isiminimum m a p q l amp aq le m gt isiminimum aq a p q end scope minimumispecs Formal Methods in Computer Security 1999 Gypsy Overview Observations The lemmas define the properties that isiminimum is expected to have The minimum ofa subarray of size 1 is the single element in it If we extend the size of the subarray by one element and that element is larger than the previous minimum the previous minimum is the minimum of the expanded subarray If we extend as above but the added element is smaller than the previous minimum it becomes the minimum of the expanded subarray The lemmas are not well formed Why How can you fix it We have not shown the extension to minimum lirocedure required to access the lemmas in the process of proving the program Formal Methods in Computer Security 1999 19 Gypsy Overview Gypsy Example fixed The other lemma extendinewiminiup is modified in a similar fashion This allows one to prove that ql is in the type of index type indexil integerloiindexil hiiindex const loiindexil integer loiindexl lemma extendioldiminiup m someiint a intiarray p index q indexil assume isiminimum m a p q l amp m le aq gt isiminimum m a p q Formal Methods in Computer Security 1999 20 Gypsy Overview Starting the gve We start by invoking the gve I run it in an emacs shell buffer There is actually emacs interface code butl haven t bothered to load it here mgt gve GCL GNU Common Lisp Version222 Tue Mar 9 200658 CST 1999 Licensed under GNU Public Library License Contains Enhancements by W Schelter Do you wish to run the GVE in character mode or line Character Line Help 1 The l for line mode is essential c takes an immediate segmentation fault Formal Methods in Computer Security 1999 21 Gypsy Overview gve initialization Note System Hacking CLISYSTEMHACKING is set Checking loaded configuration of the GVE configuration okl Gypsy System version 2070 EXPERIMENTAL of erugr 1990 053939 AM Type NEWS for changes in this version Report problems by using vbr at Dockmaster gverinitlisp not found in user directory or default directory Welcome to the Experimental Gypsy 205 GVE you may begin Good luckl System hacking goes to lisp on error System integrity is checked vbr at dockm aster no longer exists I haven t done an initialization file Formal Methods in Computer Security 1999 22 Gypsy Overview gve setup Note that commands may be abbreviated The full version echos Gve 7gt set par ec on set parSE ecHO on So we can see what we are doing set parse echo on Gve 7gt set pa pre off set paRSE prePROCESSOR off Gypsy supports cpp like macros and includes but needs to find cpp Better to tum it o Gve 7gt set def homecomp527gveedirexamplel setdefAULTeFILEeNAME homecomp527gveedirexamplel Gve egt arse minlgyp parse minlgyp scope minimum procedure begin Formal Methods in Computer Security 1999 Gypsy Overview Proceeding At this point we will switch to a live demonstration Rem ember Any suf ciently advanced technology is indistinguishable from a rigged demo Formal Methods in Computer Security 1999


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Bentley McCaw University of Florida

"I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"

Janice Dongeun University of Washington

"I used the money I made selling my notes & study guides to pay for spring break in Olympia, Washington...which was Sweet!"

Jim McGreen Ohio University

"Knowing I can count on the Elite Notetaker in my class allows me to focus on what the professor is saying instead of just scribbling notes the whole time and falling behind."


"Their 'Elite Notetakers' are making over $1,200/month in sales by creating high quality content that helps their classmates in a time of need."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.