SECOMP: Formally Secure Compilation of Compartmentalized C Programs | allinfosecnews.com

April 17, 2024, 4:11 a.m. | J\'er\'emy Thibault, Roberto Blanco, Dongjae Lee, Sven Argo, Arthur Azevedo de Amorim, A\"ina Linn Georges, Catalin Hritcu, Andrew Tolmach

cs.CR updates on arXiv.org arxiv.org

arXiv:2401.16277v2 Announce Type: replace-cross
Abstract: Undefined behavior in C often causes devastating security vulnerabilities. One practical mitigation is compartmentalization, which allows developers to structure large programs into mutually distrustful compartments with clearly specified privileges and interactions. In this paper we introduce SECOMP, a compiler for compartmentalized C code that comes with machine-checked proofs guaranteeing that the scope of undefined behavior is restricted to the compartments that encounter it and become dynamically compromised. These guarantees are formalized as the preservation of …

arxiv code compiler cs.cr cs.pl developers large machine mitigation privileges security structure vulnerabilities

More from arxiv.org / cs.CR updates on arXiv.org

PrivLM-Bench: A Multi-level Privacy Evaluation Benchmark for Language Models 2 days, 4 hours ago | arxiv.org

accessibility art arxiv attention +15

Provably Robust Cost-Sensitive Learning via Randomized Smoothing 2 days, 4 hours ago | arxiv.org

arxiv cost cs.cr cs.lg +1

WW-FL: Secure and Private Large-Scale Federated Learning 2 days, 4 hours ago | arxiv.org

arxiv attacks client cs.cr +28

Formalizing and Benchmarking Prompt Injection Attacks and Defenses 2 days, 4 hours ago | arxiv.org

arxiv attacks benchmarking cs.ai +9

SecureFalcon: Are We There Yet in Automated Software Vulnerability Detection with LLMs? 2 days, 4 hours ago | arxiv.org

adoption analysis applications arxiv +30

An Efficient and Multi-private Key Secure Aggregation for Federated Learning 2 days, 4 hours ago | arxiv.org

aggregation arxiv client cs.ai +21

How (not) to Build Quantum PKE in Minicrypt 2 days, 4 hours ago | arxiv.org

arxiv box build can +12

Computing Low-Entropy Couplings for Large-Support Distributions 2 days, 4 hours ago | arxiv.org

arxiv computing cs.cr cs.it +6

Unveiling and Mitigating Backdoor Vulnerabilities based on Unlearning Weight Changes and Backdoor Activeness 2 days, 4 hours ago | arxiv.org

arxiv attacks backdoor backdoor attacks +14

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com