Abstract types have existential type
ACM Transactions on Programming Languages and Systems (TOPLAS)
Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Manifest types, modules, and separate compilation
POPL '94 Proceedings of the 21st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A type-theoretic approach to higher-order modules with sharing
POPL '94 Proceedings of the 21st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A syntactic approach to type soundness
Information and Computation
Compiling polymorphism using intensional type analysis
POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Abstract models of memory management
FPCA '95 Proceedings of the seventh international conference on Functional programming languages and computer architecture
POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Safe kernel extensions without run-time checking
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Model checking for programming languages using VeriSoft
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
From system F to typed assembly language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Security properties of typed applets
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Eliminating array bound checking through dependent types
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
The design and implementation of a certifying compiler
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Intensional polymorphism in type-erasure semantics
ICFP '98 Proceedings of the third ACM SIGPLAN international conference on Functional programming
Dependent types in practical programming
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Representing Java classes in a typed intermediate language
Proceedings of the fourth ACM SIGPLAN international conference on Functional programming
From system F to typed assembly language
ACM Transactions on Programming Languages and Systems (TOPLAS)
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Java Virtual Machine Specification
Java Virtual Machine Specification
Introduction To Automata Theory, Languages, And Computation
Introduction To Automata Theory, Languages, And Computation
Requirements monitoring in dynamic environments
RE '95 Proceedings of the Second IEEE International Symposium on Requirements Engineering
Efficient Code Certification
Enforceable Security Policies
A Type System for Expressive Security Policies
A Type System for Expressive Security Policies
Alias Types
Dependent types in practical programming
Dependent types in practical programming
Policy-directed code safety
A tool for constructing safe extensible C++ systems
COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3
Enforcing trace properties by program transformation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Static enforcement of security with types
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
Typed memory management via static capabilities
ACM Transactions on Programming Languages and Systems (TOPLAS)
A type system for certified binaries
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
An expressive, scalable type theory for certified code
Proceedings of the seventh ACM SIGPLAN international conference on Functional programming
Automated techniques for provably safe mobile code
Theoretical Computer Science - Dependable computing
Enforcing Safety Properties Using Type Specialization
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
A Systematic Approach to Static Access Control
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
MFCS '99 Proceedings of the 24th International Symposium on Mathematical Foundations of Computer Science
An Introduction to Dependent Type Theory
Applied Semantics, International Summer School, APPSEM 2000, Caminha, Portugal, September 9-15, 2000, Advanced Lectures
Java Bytecode Verification: An Overview
CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Java Bytecode Verification: Algorithms and Formalizations
Journal of Automated Reasoning
Program specialization for execution monitoring
Journal of Functional Programming
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
Synthesis of interface specifications for Java classes
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Mutatis mutandis: safe and predictable dynamic software updating
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Interfaces for stack inspection
Journal of Functional Programming
A type system for certified binaries
ACM Transactions on Programming Languages and Systems (TOPLAS)
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Trace effects and object orientation
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Certified In-lined Reference Monitoring on .NET
Proceedings of the 2006 workshop on Programming languages and analysis for security
JavaScript instrumentation for browser security
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Mutatis Mutandis: Safe and predictable dynamic software updating
ACM Transactions on Programming Languages and Systems (TOPLAS)
Language-Based Program Verification via Expressive Types
Electronic Notes in Theoretical Computer Science (ENTCS)
Science of Computer Programming
Supporting Security Monitor-Aware Development
SESS '07 Proceedings of the Third International Workshop on Software Engineering for Secure Systems
On optimizing compatible security policies in wireless networks
EURASIP Journal on Wireless Communications and Networking
Secure virtual architecture: a safe execution environment for commodity operating systems
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
A flexible security architecture to support third-party applications on mobile devices
Proceedings of the 2007 ACM workshop on Computer security architecture
Types and trace effects of higher order programs
Journal of Functional Programming
Verified enforcement of stateful information release policies
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Efficient software model checking of soundness of type systems
Proceedings of the 23rd ACM SIGPLAN conference on Object-oriented programming systems languages and applications
Run-Time Enforcement of Nonsafety Policies
ACM Transactions on Information and System Security (TISSEC)
Types and trace effects for object orientation
Higher-Order and Symbolic Computation
Verified enforcement of stateful information release policies
ACM SIGPLAN Notices
Security enforcement aware software development
Information and Software Technology
Local policies for resource usage analysis
ACM Transactions on Programming Languages and Systems (TOPLAS)
Lightweight linear types in system f°
Proceedings of the 5th ACM SIGPLAN workshop on Types in language design and implementation
Provably correct inline monitoring for multithreaded Java-like programs
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Types and Effects for resource usage analysis
FOSSACS'07 Proceedings of the 10th international conference on Foundations of software science and computational structures
Computer security from a programming language and static analysis perspective
ESOP'03 Proceedings of the 12th European conference on Programming
Fundamenta Informaticae - Dependently Typed Programming
Checking risky events is enough for local policies
ICTCS'05 Proceedings of the 9th Italian conference on Theoretical Computer Science
Malware: from modelling to practical detection
ICDCIT'10 Proceedings of the 6th international conference on Distributed Computing and Internet Technology
History-based access control with local policies
FOSSACS'05 Proceedings of the 8th international conference on Foundations of Software Science and Computation Structures
Resource-Safe systems programming with embedded domain specific languages
PADL'12 Proceedings of the 14th international conference on Practical Aspects of Declarative Languages
Aspect-Oriented runtime monitor certification
TACAS'12 Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Programming and reasoning with algebraic effects and dependent types
Proceedings of the 18th ACM SIGPLAN international conference on Functional programming
FASER Formal and Automatic Security Enforcement by Rewriting by BPA algebra with test
International Journal of Grid and Utility Computing
Hi-index | 0.00 |
Certified code is a general mechanism for enforcing security properties. In this paradigm, untrusted mobile code carries annotations that allow a host to verify its trustworthiness. Before running the agent, the host checks the annotations and proves that they imply the host's security policy. Despite the flexibility of this scheme, so far, compilers that generate certified code have focused on simple type safety properties rather than more general security properties.Security automata can specify an expressive collection of security policies including access control and resource bounds. In this paper, we describe how to instrument well-typed programs with security checks and typing annotations. The resulting programs obey the policies specified by security automata and can be mechanically checked for safety. This work provides a foundation for the process of automatically generating certified code for expressive security policies.