A Semantics for Attestation Protocols using Session Types in Coq

Petz, Adam Michael

dc.contributor.advisor	Alexander, Perry W
dc.contributor.author	Petz, Adam Michael
dc.date.accessioned	2017-05-15T00:03:15Z
dc.date.available	2017-05-15T00:03:15Z
dc.date.issued	2016-12-31
dc.date.submitted	2016
dc.identifier.other	http://dissertations.umi.com/ku:14918
dc.identifier.uri	http://hdl.handle.net/1808/24137
dc.description.abstract	As our world becomes more connected, the average person must place more trust in cloud systems for everyday transactions. We rely on banks and credit card services to protect our money, hospitals to conceal and selectively disclose sensitive health information, and government agencies to protect our identity and uphold national security interests. However, establishing trust in remote systems is not a trivial task, especially in the diverse, distributed ecosystem of todays networked computers. Remote Attestation is a mechanism for establishing trust in a remotely running system where an Appraiser requests information from a target that can be used to evaluate its operational state. The target responds with evidence providing configuration information, run-time measurements, and authenticity meta-evidence used by the appraiser to determine if it trusts the target system. For Remote Attestation to be applied broadly, we must have Attestation Protocols that perform operations on a collection of applications, each of which must be measured differently. Verifying that these protocols behave as expected and accomplish their diverse attestation goals is a unique challenge. An important first step is to understand the structural properties and execution patterns they share. In this thesis I present a semantic framework for attestation protocol execution within the Coq verification environment including a protocol representation based on Session Types, a dependently typed model of perfect cryptography, and an operational execution semantics. The expressive power of dependent types constrains the structure of protocols and supports precise claims about their behavior. If we view attestation protocols as programming language expressions, we can borrow from standard language semantics techniques to model their execution. The proof framework ensures desirable properties of protocol execution that hold for all protocols. Within this framework, it is feasible to state and prove specialized properties such as authenticity and secrecy for individual protocols.
dc.format.extent	61 pages
dc.language.iso	en
dc.publisher	University of Kansas
dc.rights	Copyright held by the author.
dc.subject	Computer science
dc.subject	Cloud Computing
dc.subject	Coq
dc.subject	Formal Methods
dc.subject	Programming Languages
dc.subject	Software Verification
dc.subject	Trusted Computing
dc.title	A Semantics for Attestation Protocols using Session Types in Coq
dc.type	Thesis
dc.contributor.cmtemember	Gill, Andy
dc.contributor.cmtemember	Kulkarni, Prasad
dc.thesis.degreeDiscipline	Electrical Engineering & Computer Science
dc.thesis.degreeLevel	M.S.
dc.identifier.orcid
dc.rights.accessrights	openAccess

Files in this item

Name:: Petz_ku_0099M_14918_DATA_1.pdf
Size:: 293.7Kb
Format:: PDF

View/Open

This item appears in the following Collection(s)

The University of Kansas prohibits discrimination on the basis of race, color, ethnicity, religion, sex, national origin, age, ancestry, disability, status as a veteran, sexual orientation, marital status, parental status, gender identity, gender expression and genetic information in the University’s programs and activities. The following person has been designated to handle inquiries regarding the non-discrimination policies: Director of the Office of Institutional Opportunity and Access, IOA@ku.edu, 1246 W. Campus Road, Room 153A, Lawrence, KS, 66045, (785)864-6414, 711 TTY.