Storing state in the client tier (in forms or cookies, for example) improves the efficiency of a web application, but it also renders the secrecy and integrity of stored data vulnerable to untrustworthy clients. We study this general problem in the context of the Links multi-tier programming language. Like other systems, Links stores unencrypted application data, including web continuations, on the client tier; hence, Links is open to attacks that expose secrets and modify control flow and application data. We characterise these attacks as failures of the general principle that security properties of multi-tier applications should follow from review of the source code (as opposed to the detailed study of the files compiled for each tier, for example). We eliminate these threats by augmenting the Links compiler to encrypt and authenticate any data stored on the client. We model this compilation strategy as a translation from a core fragment of the language to a concurrent lambda-calculus equipped with a formal representation of cryptography. To formalize source-level reasoning about Links programs, we define a type-and-effect system for our core language; our implementation can machine-check various integrity properties of the source code. By appeal to a recent system of refinement types for secure implementations, we show that our compilation strategy guarantees all the properties provable by our type-and-effect system.
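An added illustration of the idea in the abstract, written in JavaScript for Node and not taken from the paper or the Links compiler: a web continuation (a function label plus its captured environment) is stored in a client-side field first as plain base64 and then sealed with AES-256-GCM so the server can detect modification. The key handling, JSON serialisation, `nonce || tag || ciphertext` layout, function names and the sample continuation are all assumptions of this sketch.

```javascript
const nodeCrypto = require("node:crypto");

// Server-side key; it never leaves the server tier (per-process key is an assumption).
const SERVER_KEY = nodeCrypto.randomBytes(32);

// Constructed sample: a continuation as a label naming the server function
// to resume, plus the environment it captured.
const continuation = {
  label: "confirmOrder",
  env: { user: "alice", price: 100, apiToken: "s3cr3t" },
};

// Unprotected encoding: base64 of the JSON, e.g. in a hidden form field.
function encodePlain(k) {
  return Buffer.from(JSON.stringify(k)).toString("base64");
}
function decodePlain(field) {
  return JSON.parse(Buffer.from(field, "base64").toString("utf8"));
}

// Protected encoding: authenticated encryption, nonce || tag || ciphertext.
function seal(k, key = SERVER_KEY) {
  const nonce = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, nonce);
  const ct = Buffer.concat([cipher.update(JSON.stringify(k), "utf8"), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), ct]).toString("base64");
}

// Returns the continuation, or null if the field was modified or forged.
function unseal(field, key = SERVER_KEY) {
  const raw = Buffer.from(field, "base64");
  if (raw.length < 28) return null; // too short to hold nonce and tag
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  try {
    const pt = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]);
    return JSON.parse(pt.toString("utf8"));
  } catch {
    return null; // tag check failed: reject instead of resuming the continuation
  }
}

// Flip one bit of the stored field, standing in for any client-side edit.
function flipBit(field) {
  const raw = Buffer.from(field, "base64");
  raw[raw.length - 1] ^= 1;
  return raw.toString("base64");
}
```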