Security of mobile code is a major issue in today's global computing environment. When you download a program from an untrusted source, how can you be sure it will not do something undesirable? In this paper I will discuss a particular approach to this problem called language-based security. In this approach, security information is derived from a program written in a high-level language during the compilation process and is included in the compiled object. This extra security information can take the form of a formal proof, a type annotation, or some other form of certificate or annotation. It can be downloaded along with the object code and automatically verified before running the code locally, giving some assurance against certain types of failure or unauthorized activity. The verifier must be trusted, but the compiler, code, and certificate need not be. Java bytecode verification is an example of this approach. I will give an overview of some recent work in this area, including a particular effort in which we are trying to make the production of certificates and the verification as efficient and invisible as possible.