coq-club AT inria.fr
Subject: The Coq mailing list
List archive
- From: Jim Fehrle <jfehrle AT sbcglobal.net>
- To: "coq-club AT inria.fr" <coq-club AT inria.fr>
- Subject: Re: [Coq-Club] Verification of GUIs in Coq
- Date: Tue, 10 Oct 2017 17:54:39 +0000 (UTC)
- Authentication-results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=jfehrle AT sbcglobal.net; spf=None smtp.mailfrom=jfehrle AT sbcglobal.net; spf=None smtp.helo=postmaster AT sonic309-24.consmr.mail.ne1.yahoo.com
- Ironport-phdr: 9a23:CBoeLBDYv56vT0AK/pgDUyQJP3N1i/DPJgcQr6AfoPdwSP75p8bcNUDSrc9gkEXOFd2Crakb26yL6+jJYi8p39WoiDg6aptCVhsI2409vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6i760TlHUB74LE9+Ivn/Mo/UlcW+ke6osdWHaAJRwTG5fLlaLROsrAyXuNNA0rFvMqIg9hycgHpNM8pbxXlsKBrHnRjx5t208bZ4+S9fv/Ur/soGV6jmKfcWV7tdWRYnNigb6c3xsRSLGQmB63sGVmg+iRBDDAzC5hj+GJH8rn2p5aJGxCCGMJiuHvgPUjO44vIzRQ==
I would agree with Abhishek. I would add that if the GUI is running in a web browser, the browser should be treated as insecure. Most browsers have debuggers that allow examination of local data. Also some browsers are open source--they could easily be modified by a hacker to do anything. If your app needs to be secure, the server should always validate requests coming from the client.
From: Abhishek Anand <abhishek.anand.iitg AT gmail.com>
To: coq-club <coq-club AT inria.fr>
Sent: Tuesday, October 10, 2017 1:37 PM
Subject: Re: [Coq-Club] Verification of GUIs in Coq
I am curious what you want to prove about GUIs.
In the healthcare domain, I guess privacy is the biggest concern.
I think that a pragmatic approach is to push these concerns to the backend, whose semantics seem much easier to define than the frontends (GUIs) that interact with humans who are too complex creatures to formally reason about.
For example, it may be possible to just argue that the backend, when communicating with the frontend, never reveals sensitive information. Thus, the frontend, in whatever ways it renders the graphics, cannot reveal sensitive information.
I guess the following work is an example:
-- Abhishek
http://www.cs.cornell.edu/~aa7 55/On Mon, Oct 9, 2017 at 8:30 PM, stvienna wiener <stvienna AT gmail.com> wrote:
Hello everyone,
We are verifying GUI applications from the healthcare domain (e.g.,
healthcare processes) in Agda. Is there any related work in Coq? My
searches mostly return papers on how to write GUI front-ends to
theorem provers/Coq but not how to verify GUIs.
Thanks & best regards,
Stephan
- [Coq-Club] Verification of GUIs in Coq, stvienna wiener, 10/10/2017
- Re: [Coq-Club] Verification of GUIs in Coq, Matthieu Sozeau, 10/10/2017
- Re: [Coq-Club] Verification of GUIs in Coq, Abhishek Anand, 10/10/2017
- Re: [Coq-Club] Verification of GUIs in Coq, Jim Fehrle, 10/10/2017
- Re: [Coq-Club] Verification of GUIs in Coq, Daniel Schepler, 10/10/2017
- Re: [Coq-Club] Verification of GUIs in Coq, Valentin Robert, 10/10/2017
- Re: [Coq-Club] Verification of GUIs in Coq, Pierre Courtieu, 10/11/2017
- Re: [Coq-Club] Verification of GUIs in Coq, David MENTRÉ, 10/30/2017
- Re: [Coq-Club] Verification of GUIs in Coq, Valentin Robert, 10/10/2017
Archive powered by MHonArc 2.6.18.