all InfoSec news
SECOMP: Formally Secure Compilation of Compartmentalized C Programs
April 17, 2024, 4:11 a.m. | J\'er\'emy Thibault, Roberto Blanco, Dongjae Lee, Sven Argo, Arthur Azevedo de Amorim, A\"ina Linn Georges, Catalin Hritcu, Andrew Tolmach
cs.CR updates on arXiv.org arxiv.org
Abstract: Undefined behavior in C often causes devastating security vulnerabilities. One practical mitigation is compartmentalization, which allows developers to structure large programs into mutually distrustful compartments with clearly specified privileges and interactions. In this paper we introduce SECOMP, a compiler for compartmentalized C code that comes with machine-checked proofs guaranteeing that the scope of undefined behavior is restricted to the compartments that encounter it and become dynamically compromised. These guarantees are formalized as the preservation of …
arxiv code compiler cs.cr cs.pl developers large machine mitigation privileges security structure vulnerabilities
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Architect - Identity and Access Management Architect (80-100% | Hybrid option)
@ Swiss Re | Madrid, M, ES
Alternant - Consultant HSE (F-H-X)
@ Bureau Veritas Group | MULHOUSE, Grand Est, FR
Senior Risk/Cyber Security Analyst
@ Baker Hughes | IN-KA-BANGALORE-NEON BUILDING WEST TOWER
Offensive Security Engineer (University Grad)
@ Meta | Bellevue, WA | Menlo Park, CA | Seattle, WA | Washington, DC | New York City
Senior IAM Security Engineer
@ Norfolk Southern | Atlanta, GA, US, 30308