Skip to main content
SpringerLink
Log in

A Language-Based Approach to Security

  • Chapter
  • First Online:
Informatics

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2000))

Abstract

Language-based security leverages program analysis and program rewriting to enforce security policies. The approach promises efficient enforcement of fine-grained access control policies and depends on a trusted computing base of only modest size. This paper surveys progress and prospects for the area, giving overviews of in-lined reference monitors, certifying compilers, and advances in type theory.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. B. Alpern and F.B. Schneider. Defining liveness. Information Processing Letters 21(4):181–185, Oct. 1985.

    Article  MATH  MathSciNet  Google Scholar 

  2. B. Bershad, S. Savage, P. Pardyak, E. Sirer, M. Fiuczynski, D. Becker, C. Chambers, and S. Eggers. Extensibility, safety and performance in the SPIN operating system. In Proc. 15th ACM Symp. on Operating System Principles (SOSP), pages 267–284, Copper Mountain, Dec. 1995.

    Google Scholar 

  3. R. L. Constable et al. Implementing Mathematics with the NuPRL Proof Development System. Prentice-Hall, 1986.

    Google Scholar 

  4. D. Engler, M. Kaashoek, and J. O’Toole. Exokernel: An operating system architecture for application-level resource management. In Proc. 15th ACM Symp. on Operating System Principles (SOSP), Copper Mountain, 1995.

    Google Scholar 

  5. U. Erlingsson and F. B. Schneider. SASI enforcement of security policies: A retrospective. In Proceedings of the New Security Paradigms Workshop, Ontario, Canada, Sept. 1999.

    Google Scholar 

  6. U. Erlingsson and F. B. Schneider. IRM enforcement of java stack inspection. In IEEE Symposium on Security and Privacy, Oakland, California, May 2000.

    Google Scholar 

  7. R. Harper, F. Honsell, and G. Plotkin. A fram ework for defining logics. Journal of the ACM, 40(1):143–184, Jan. 1993.

    Article  MATH  MathSciNet  Google Scholar 

  8. L. Lamport. Proving the correctness ofm ultiprocess programs. IEEE Transactions on Software Engineering, SE-3(2):125–143, March 1977.

    Article  MathSciNet  Google Scholar 

  9. L. Lamport. Logical Foundation. In Distributed Systems-Methods and Tools for Specification, pages 119–130, Lecture Notes in Computer Science, Vol 190. M. Paul and H.J. Siegert, editors. Springer-Verlag, 1985, New York.

    Google Scholar 

  10. J. McLean. A general theory ofc omposition for trace sets closed under selective interleaving functions. In Proc. 1994 IEEE Computer Society Symposium on Research in Security and Privacy, pages 79–93, Oakland, Calif., May 1994.

    Google Scholar 

  11. G. Morrisett, D. Walker, K. Crary, and N. Glew. From System F to typed assembly language. In Proc. 25th ACM Symp. on Principles of Programming Languages (POPL), pages 85–97, San Diego California, USA, January 1998.

    Google Scholar 

  12. G. Morrisett, D. Walker, K. Crary, and N. Glew. From System F to typed assembly language. ACM Transactions on Programming Languages and Systems, 21(3):528–569, May 1999.

    Article  Google Scholar 

  13. G. C. Necula and P. Lee. Safe kernel extensions without run-time checking. In Proceedings of Operating System Design and Implementation, pages 229–243, Seattle, Oct. 1996.

    Google Scholar 

  14. G. C. Necula. Proof-carrying code. In Proc. 24th ACM Symp. on Principles of Programming Languages (POPL), pages 106–119, Jan. 1997.

    Google Scholar 

  15. J. Saltzer and M. Schroeder. The protection ofi nformation in computer systems. Proceedings of the IEEE, 9(63), Sept. 1975.

    Google Scholar 

  16. F. B. Schneider, editor. Trust in Cyberspace. National Academy Press, Washington, D.C., 1999.

    Google Scholar 

  17. F. B. Schneider. Enforceable security policies. ACM Transactions on Information and System Security, 2(4), Mar. 2000.

    Google Scholar 

  18. M. Seltzer, Y. Endo, C. Small, and K. Smith. Dealing with disaster: Surviving misbehaved kernel extensions. In Proc. USENIX Symp. on Operating Systems Design and Implementation (OSDI), pages 213–227, Seattle, Washington, Oct. 1996.

    Google Scholar 

  19. D. Tarditi, G. Morrisett, P. Cheng, C. Stone, R. Harper, and P. Lee. TIL: A typedirected optimizing compiler for ML. In ACM Conf. on Programming Language Design and Implementation, pages 181–192, Philadelphia, May 1996.

    Google Scholar 

  20. R. Wahbe, S. Lucco, T. Anderson, and S. Graham. Efficient software-based fault isolation. In Proc. 14th ACM Symp. on Operating System Principles (SOSP), pages 203–216, Asheville, Dec. 1993.

    Google Scholar 

  21. H. Xi and F. Pfenning. Eliminating array bound checking through dependent types. In Proc. ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), pages 249–257, Montreal Canada, June 1998.

    Google Scholar 

  22. E. Yasuhiro, J. Gwertzman, M. Seltzer, C. Small, K.A. Smith, and D. Tang. VINO: The 1994 fall harvest. Technical Report TR-34-94, Harvard Computer Center for Research in Computing Technology, 1994.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Cornell University, Ithaca, NY

    Fred B. Schneider & Greg Morrisett

  2. Carnegie Mellon University, Pittsburgh, PA

    Robert Harper

Authors
  1. Fred B. Schneider
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Greg Morrisett
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Robert Harper
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. FR Informatik, Universität des Saarlandes, Postfach 15 11 50, 66041, Saarbrücken, Germany

    Reinhard Wilhelm

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Schneider, F.B., Morrisett, G., Harper, R. (2001). A Language-Based Approach to Security. In: Wilhelm, R. (eds) Informatics. Lecture Notes in Computer Science, vol 2000. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44577-3_6

Download citation

  • DOI: https://doi.org/10.1007/3-540-44577-3_6

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-41635-7

  • Online ISBN: 978-3-540-44577-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation