Programming Language Design - Issues in Web Programming and Security
Licentiatavhandling, 2006
This thesis consists of two separate parts. Both concern
programming language design, the first in the domain of
web programming and the other for security.
The first part consists of two papers, both discussing
various aspects of how to extend the general purpose
programming language Haskell to make it serve as a
specialized scripting language for writing dynamic
web pages. The first paper in this area concerns one specific
theoretic aspect of this extension, namely how to extend
Haskell with regular expression pattern matching. We discuss
syntax, typing and semantics for regular expression patterns,
and show an implementation of the system in Haskell.
In the second paper we give an overview of Haskell
Server Pages, an extension of Haskell for writing dynamic
web pages. Then we go on to discuss how to implement
the runtime system of this language by using on-request
compilation and dynamic loading of pages into a running
server application.
The second part of the thesis concerns security, and in particular
language-based information flow security. We show a
calculus, based on $\lambda$-calculus with references,
that allows dynamic changes to the flow policies of a
program during execution. We also give a type system
for the calculus that tracks valid flows, and a semantics.
To prove that our type system is sound, we define a
non-interference-like semantic security property and
prove that it is implied by the type system using a
bisimulation-style proof.
Our aim with the calculus is to provide a core calculus
that can be used to explain properties of other systems.
To establish it as such, we also show how to encode various
other similar systems in our calculus.
calculus
web programming
security
bisimulation
core calculus
regular expressions
Functional programming
non-interference
dynamic loading