Lantian Zheng scite author profile

Web applications are now critical infrastructure. To improve the user interface, some application functionality is typically implemented as client-side JavaScript code. Currently there are no good methods for deciding when it is secure to move code and data to the client side. Swift is a new, principled approach to building web applications that are secure by construction. Application code is written as Java-like code annotated with information flow policies. This code is automatically partitioned between JavaScript code running in the browser, and Java code running on the server. Code and data are placed on the client side where possible. Security-critical code is placed on the server and user interface code is placed on the client. Code placement is constrained by high-level, declarative information flow policies that strongly enforce the confidentiality and integrity of server-side information.Web applications are hard to build because code and data needs to be partitioned to make them responsive. They are also hard to build because code and data need to be partitioned for security. Because of the connection (and tension) between the two problems, Swift addresses both at once, automatically partitioning application code while also providing assurance that the resulting placement is secure and efficient.

show abstract

Secure program partitioning

Zdancewic

Zheng

Nystrom

et al. 2002

ACM Trans. Comput. Syst.

125

View full text Add to dashboard Cite

This paper presents secure program partitioning, a language-based technique for protecting confidential data during computation in distributed systems containing mutually untrusted hosts. Confidentiality and integrity policies can be expressed by annotating programs with security types that constrain information flow; these programs can then be partitioned automatically to run securely on heterogeneously trusted hosts. The resulting communicating subprograms collectively implement the original program, yet the system as a whole satisfies the security requirements of participating principals without requiring a universally trusted host machine. The experience in applying this methodology and the performance of the resulting distributed code suggest that this is a promising way to obtain secure distributed computation.

show abstract

Untrusted hosts and confidentiality: secure program partitioning

Zdancewic

Zheng

Nystrom

et al.

View full text Add to dashboard Cite

Dynamic security labels and static information flow control

Zheng

Myers

2007

Int. J. Inf. Secur.

View full text Add to dashboard Cite

This paper presents a language in which information flow is securely controlled by a type system, yet the security class of data can vary dynamically. Information flow policies provide the means to express strong security requirements for data confidentiality and integrity. Recent work on security-typed programming languages has shown that information flow can be analyzed statically, ensuring that programs will respect the restrictions placed on data. However, real computing systems have security policies that cannot be determined at the time of program analysis. For example, a file has associated access permissions that cannot be known with certainty until it is opened. Although one security-typed programming language has included support for dynamic security labels, there has been no demonstration that a general mechanism for dynamic labels can securely control information flow. In this paper, we present an expressive language-based mechanism for reasoning about dynamic security labels. The mechanism is formally presented in a core language based on the typed lambda calculus; any well-typed program in this language is secure because it satisfies noninterference.

show abstract

Dynamic Security Labels and Noninterference (Extended Abstract)

Zheng

Myers

2005

View full text Add to dashboard Cite

This paper presents a language in which information flow is securely controlled by a type system, yet the security class of data can vary dynamically. Information flow policies provide the means to express strong security requirements for data confidentiality and integrity. Recent work on security-typed programming languages has shown that information flow can be analyzed statically, ensuring that programs will respect the restrictions placed on data. However, real computing systems have security policies that vary dynamically and that cannot be determined at the time of program analysis. For example, a file has associated access permissions that cannot be known with certainty until it is opened. Although one security-typed programming language has included support for dynamic security labels, there has been no demonstration that a general mechanism for dynamic labels can securely control information flow. In this paper, we present an expressive language-based mechanism for reasoning about dynamic security labels. The mechanism is formally presented in a core language based on the typed lambda calculus; any well-typed program in this language is provably secure because it satisfies noninterference.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Lantian Zheng

Secure web applications via automatic partitioning

Secure program partitioning

Untrusted hosts and confidentiality: secure program partitioning

Dynamic security labels and static information flow control

Dynamic Security Labels and Noninterference (Extended Abstract)

Contact Info

Product

Resources

About