A Policy Semantics and a Programming Language for Securing Software
Licentiatavhandling, 2014

The work presented in this thesis contributes to the information flow policy specification language Paralocks and the enforcement of Paralocks policies in the programming language Paragon. The thesis starts with a programming tutorial on Paragon. The tutorial aims to make Paragon accessible for programmers without any familiarity with information flow theory. We gradually introduce the Java programmer to various information flow concepts using the Paragon programming lan- guage. The tutorial also provides information and design patterns needed to set up realistic software applications in Paragon. Next we focus our attention on the design and implementation of Paragon. We discuss how the Paralocks language is generalised to integrate more tightly with Java’s object-oriented programming style, on which Paragon is built. Combined with the dynamic nature of Paralocks policies, Paragon promises to be a flexible and expressive programming language. Finally we present an alternative semantics for Paralocks, based on the declarative language Datalog. Compared to Paralocks’ original semantics, the Datalog-inspired semantics provides a more natural and intuitive inter- pretation for Paralocks policies. We show that the new semantics coincides with the original semantics. It also allows us to adopt Datalog extensions and algorithms into Paralocks and Paragon.

datalog

static enforcement

security policy language

information flow

room EB, ED&IT building, Rännvägen 6B, Chalmers
Opponent: Karthikeyan Bhargavan

Författare

Bart van Delft

Chalmers, Data- och informationsteknik, Programvaruteknik

Paragon for Practical Programming with Information-Flow Control

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),; Vol. 8301(2013)p. 217-232

Paper i proceeding

A Datalog Semantics for Paralocks

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),; Vol. 7783(2013)p. 305-320

Paper i proceeding

Styrkeområden

Informations- och kommunikationsteknik

Ämneskategorier

Data- och informationsvetenskap

Technical report L - Department of Computer Science and Engineering, Chalmers University of Technology and Göteborg University: 16

room EB, ED&IT building, Rännvägen 6B, Chalmers

Opponent: Karthikeyan Bhargavan

Mer information

Skapat

2017-10-06