CoCon: A Conference Management System with Formally Verified Document Confidentiality
Journal of Automated Reasoning (IF 1.1). Pub Date: 2020-07-16. DOI: 10.1007/s10817-020-09566-9
Andrei Popescu , Peter Lammich , Ping Hou

We present a case study in formally verified security for realistic systems: the information flow security verification of the functional kernel of a web application, the CoCon conference management system. We use the Isabelle theorem prover to specify and verify fine-grained confidentiality properties, as well as complementary safety and “traceback” properties. The challenges posed by this development in terms of expressiveness have led to bounded-deducibility security, a novel security model and verification method generally applicable to systems describable as input/output automata.

Updated: 2020-07-16