all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SECOMP: Formally Secure Compilation of Compartmentalized C Programs

Add to bookmarks
April 17, 2024, 4:11 a.m. | J\'er\'emy Thibault, Roberto Blanco, Dongjae Lee, Sven Argo, Arthur Azevedo de Amorim, A\"ina Linn Georges, Catalin Hritcu, Andrew Tolmach

cs.CR updates on arXiv.org arxiv.org

arXiv:2401.16277v2 Announce Type: replace-cross
Abstract: Undefined behavior in C often causes devastating security vulnerabilities. One practical mitigation is compartmentalization, which allows developers to structure large programs into mutually distrustful compartments with clearly specified privileges and interactions. In this paper we introduce SECOMP, a compiler for compartmentalized C code that comes with machine-checked proofs guaranteeing that the scope of undefined behavior is restricted to the compartments that encounter it and become dynamically compromised. These guarantees are formalized as the preservation of …

arxiv code compiler cs.cr cs.pl developers large machine mitigation privileges security structure vulnerabilities

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Decentralised, Collaborative, and Privacy-preserving Machine Learning for Multi-Hospital Data 5 hours ago | arxiv.org
accuracy analysis arxiv cs.cr +17
Pruning for Protection: Increasing Jailbreak Resistance in Aligned LLMs Without Fine-Tuning 5 hours ago | arxiv.org
arxiv attacks can cs.ai +13
Relay Mining: Incentivizing Full Non-Validating Nodes Servicing All RPC Types 5 hours ago | arxiv.org
arxiv client crypto cryptographic +19
Laccolith: Hypervisor-Based Adversary Emulation with Anti-Detection 5 hours ago | arxiv.org
advanced advanced persistent threats adversary adversary emulation +18
Commercial Anti-Smishing Tools and Their Comparative Effectiveness Against Modern Threats 5 hours ago | arxiv.org
arxiv attacker attacks commercial +19
PriSampler: Mitigating Property Inference of Diffusion Models 5 hours ago | arxiv.org
arxiv attacks banking cs.cr +12
PrescientFuzz: A more effective exploration approach for grey-box fuzzing 5 hours ago | arxiv.org
arxiv box campaigns control +13
Evaluating and Mitigating Linguistic Discrimination in Large Language Models 5 hours ago | arxiv.org
arxiv can capabilities cs.ai +16
Towards Classical Software Verification using Quantum Computers 5 hours ago | arxiv.org
aid arxiv computer computers +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Architect - Identity and Access Management Architect (80-100% | Hybrid option)

@ Swiss Re | Madrid, M, ES
View on infosec-jobs.com

Alternant - Consultant HSE (F-H-X)

@ Bureau Veritas Group | MULHOUSE, Grand Est, FR
View on infosec-jobs.com

Senior Risk/Cyber Security Analyst

@ Baker Hughes | IN-KA-BANGALORE-NEON BUILDING WEST TOWER
View on infosec-jobs.com

Offensive Security Engineer (University Grad)

@ Meta | Bellevue, WA | Menlo Park, CA | Seattle, WA | Washington, DC | New York City
View on infosec-jobs.com

Senior IAM Security Engineer

@ Norfolk Southern | Atlanta, GA, US, 30308
View on infosec-jobs.com
View more jobs