CoSMed: a confidentiality-verified social media platform

Bauereiß, Thomas, Pesenti Gritti, Armando, Popescu, Andrei and Raimondi, Franco ORCID logoORCID: (2016) CoSMed: a confidentiality-verified social media platform. Interactive Theorem Proving. ITP 2016. Lecture Notes in Computer Science, vol 9807. In: ITP 2016: 7th International Conference on Interactive Theorem Proving, 22-25 Aug 2016, Nancy, France. ISBN 9783319431437. ISSN 0302-9743 [Conference or Workshop Item] (doi:10.1007/978-3-319-43144-4_6)

PDF - Final accepted version (with author's formatting)
Download (183kB) | Preview


This paper describes progress with our agenda of formal verification of information-flow security for realistic systems. We present CoSMed, a social media platform with verified document confidentiality. The system’s kernel is implemented and verified in the proof assistant Isabelle/HOL. For verification, we employ the framework of Bounded-Deducibility (BD) Security, previously introduced for the conference system CoCon. CoSMed is a second major case study in this framework. For CoSMed, the static topology of declassification bounds and triggers that characterized previous instances of BD security has to give way to a dynamic integration of the triggers as part of the bounds

Item Type: Conference or Workshop Item (Paper)
Additional Information: Published as: Bauereiß T., Pesenti Gritti A., Popescu A., Raimondi F. (2016) CoSMed: A Confidentiality-Verified Social Media Platform. In: Blanchette J., Merz S. (eds) Interactive Theorem Proving. ITP 2016. Lecture Notes in Computer Science, vol 9807. Springer, Cham
Research Areas: A. > School of Science and Technology > Computer Science > Foundations of Computing group
Item ID: 22094
Notes on copyright: The final publication is available at Springer
Useful Links:
Depositing User: Andrei Popescu
Date Deposited: 19 Jun 2017 15:40
Last Modified: 08 Jun 2022 00:04

Actions (login required)

View Item View Item


Activity Overview
6 month trend
6 month trend

Additional statistics are available via IRStats2.