ACM Transactions on Programming Languages and Systems (TOPLAS)
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Journal of the ACM (JACM)
Implicit parameters: dynamic scoping with static types
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ACM Computing Surveys (CSUR)
A Tiny Constrain Functional Logic Language and Its Continuation Semantics
ESOP '94 Proceedings of the 5th European Symposium on Programming: Programming Languages and Systems
Improving Control of Logic Programs by Using Functional Logic Languages
PLILP '92 Proceedings of the 4th International Symposium on Programming Language Implementation and Logic Programming
Data structure repair using goal-directed reasoning
Proceedings of the 27th international conference on Software engineering
Improving application security with data flow assertions
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Proceedings of the 24th ACM SIGPLAN conference companion on Object oriented programming systems languages and applications
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Type-preserving compilation of end-to-end verification of security enforcement
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Noninterference through Secure Multi-execution
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Falling back on executable specifications
ECOOP'10 Proceedings of the 24th European conference on Object-oriented programming
Static checking of dynamically-varying security policies in database-backed applications
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Proving acceptability properties of relaxed nondeterministic approximate programs
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Taking satisfiability to the next level with z3
IJCAR'12 Proceedings of the 6th international joint conference on Automated Reasoning
Faceted execution of policy-agnostic programs
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Model-based, event-driven programming paradigm for interactive web applications
Proceedings of the 2013 ACM international symposium on New ideas, new paradigms, and reflections on programming & software
Lessons learned with PCF: scaling secure computation
Proceedings of the First ACM workshop on Language support for privacy-enhancing technologies
Hi-index | 0.00 |
It is becoming increasingly important for applications to protect sensitive data. With current techniques, the programmer bears the burden of ensuring that the application's behavior adheres to policies about where sensitive values may flow. Unfortunately, privacy policies are difficult to manage because their global nature requires coordinated reasoning and enforcement. To address this problem, we describe a programming model that makes the system responsible for ensuring adherence to privacy policies. The programming model has two components: 1) core programs describing functionality independent of privacy concerns and 2) declarative, decentralized policies controlling how sensitive values are disclosed. Each sensitive value encapsulates multiple views; policies describe which views are allowed based on the output context. The system is responsible for automatically ensuring that outputs are consistent with the policies. We have implemented this programming model in a new functional constraint language named Jeeves. In Jeeves, sensitive values are introduced as symbolic variables and policies correspond to constraints that are resolved at output channels. We have implemented Jeeves as a Scala library using an SMT solver as a model finder. In this paper we describe the dynamic and static semantics of Jeeves and the properties about policy enforcement that the semantics guarantees. We also describe our experience implementing a conference management system and a social network.