Preliminary design of JML: a behavioral interface specification language for java
ACM SIGSOFT Software Engineering Notes
Polymorphism and separation in hoare type theory
Proceedings of the eleventh ACM SIGPLAN international conference on Functional programming
Formal verification of a realistic compiler
Communications of the ACM - Barbara Liskov: ACM's A.M. Turing Award Winner
Effective interactive proofs for higher-order imperative programs
Proceedings of the 14th ACM SIGPLAN international conference on Functional programming
Toward a verified relational database management system
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
| Hi-index | 0.00 |
Today, the majority of security errors in software systems are due to implementation errors, as opposed to flaws in fundamental algorithms (e.g., cryptography). Type-safe languages, such as Java, help rule out a class of these errors, such as code-injection through buffer overruns. But attackers simply shift to implementation flaws above the level of the primitive operations of the language (e.g., SQL-injection attacks). Thus, next-generation languages need type systems that can express and enforce application-specific security policies.