On abstraction and the expressive power of programming languages
TACS'91 Selected papers of the conference on Theoretical aspects of computer software
Protection in programming languages
Communications of the ACM
Secure implementation of channel abstractions
Information and Computation
Protection in Programming-Language Translations
ICALP '98 Proceedings of the 25th International Colloquium on Automata, Languages and Programming
A bisimulation for type abstraction and recursion
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Eager Normal Form Bisimulation
LICS '05 Proceedings of the 20th Annual IEEE Symposium on Logic in Computer Science
Securing the .NET programming model
Theoretical Computer Science - Applied semantics
Typed closure conversion preserves observational equivalence
Proceedings of the 13th ACM SIGPLAN international conference on Functional programming
An Operational Semantics for JavaScript
APLAS '08 Proceedings of the 6th Asian Symposium on Programming Languages and Systems
Links: web programming without tiers
FMCO'06 Proceedings of the 5th international conference on Formal methods for components and objects
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
On Protection by Layout Randomization
CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
ConScript: Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
ECOOP'10 Proceedings of the 24th European conference on Object-oriented programming
Automated Analysis of Security-Critical JavaScript APIs
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Secure distributed programming with value-dependent types
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
Secure Compilation to Modern Processors
CSF '12 Proceedings of the 2012 IEEE 25th Computer Security Foundations Symposium
A tested semantics for getters, setters, and eval in JavaScript
Proceedings of the 8th symposium on Dynamic languages
Increasing human-tool interaction via the web
Proceedings of the 11th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering
Verifying higher-order programs with the dijkstra monad
Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation
Language-based defenses against untrusted browser origins
SEC'13 Proceedings of the 22nd USENIX conference on Security
A trusted mechanised JavaScript specification
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Gradual typing embedded securely in JavaScript
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Hi-index | 0.00 |
Many tools allow programmers to develop applications in high-level languages and deploy them in web browsers via compilation to JavaScript. While practical and widely used, these compilers are ad hoc: no guarantee is provided on their correctness for whole programs, nor their security for programs executed within arbitrary JavaScript contexts. This paper presents a compiler with such guarantees. We compile an ML-like language with higher-order functions and references to JavaScript, while preserving all source program properties. Relying on type-based invariants and applicative bisimilarity, we show full abstraction: two programs are equivalent in all source contexts if and only if their wrapped translations are equivalent in all JavaScript contexts. We evaluate our compiler on sample programs, including a series of secure libraries.