Strongly Normalizing Audited Computation

Abstract

Auditing is an increasingly important operation for computer programming, for example in security (e.g. to enable history-based access control) and to enable reproducibility and accountability (e.g. provenance in scientific programming). Most proposed auditing techniques are ad hoc or treat auditing as a second-class, extralinguistic operation; logical or semantic foundations for auditing are not yet well-established. Justification Logic (JL) offers one such foundation; Bavera and Bonelli introduced a computational interpretation of JL called λh that supports auditing. However, λh is technically complex and strong normalization was only established for special cases. In addition, we show that the equational theory of λh is inconsistent. We introduce a new calculus λhc that is simpler than λh, consistent, and strongly normalizing. Our proof of strong normalization is formalized in Nominal Isabelle.