248 research outputs found

    Dynamic IFC Theorems for Free!

    We show that noninterference and transparency, the key soundness theorems for dynamic IFC libraries, can be obtained "for free", as direct consequences of the more general parametricity theorem of type abstraction. This allows us to give very short soundness proofs for dynamic IFC libraries such as faceted values and LIO. Our proofs stay short even when fully mechanized for Agda implementations of the libraries in terms of type abstraction. Comment: CSF 2021 final version

    Implementation of Faceted Values in Node.JS.

    Information flow analysis is the study of mechanisms by which developers may protect sensitive data within an ecosystem containing untrusted third-party code. Secure multi-execution is one such mechanism that reliably prevents undesirable information flows, but a programmer’s use of secure multi-execution is itself challenging and prone to error. Faceted values have been shown to provide an alternative to secure multi-execution which is, in theory, functionally equivalent. The purpose of this work is to show that the theory holds in practice by implementing usable faceted values in JavaScript via source code transformation. The primary contribution of this project is to provide a library that makes these transformations possible in any standard JavaScript runtime without requiring native support. We build a pipeline that takes JavaScript code with syntactic support for faceted values and, through source code transformation, produces platform-independent JavaScript code containing functional faceted values. Our findings include a method by which we may optimize the use of faceted values through static analysis of the program’s information flow

    Spot the Difference: Secure Multi-Execution and Multiple Facets

    We propose a rigorous comparison of two widely known dynamic information flow mechanisms: Secure Multi-Execution (SME) and Multiple Facets (MF). Informally, it is believed that MF simulates SME while providing better performance. Formally, it is well known that SME has stronger soundness guarantees than MF. Surprisingly, we discover that even if we approach them to enforce the same soundness guarantees, they are still different. While modeling them in the same language, we are able to precisely identify the features of the semantics that lead to their differences. In the process of comparing them, we also discovered four new mechanisms that share features of MF and SME. We prove that one of them simulates SME, which was falsely believed to be true for MF

    Theory and Practice of Action Semantics

    Action Semantics is a framework for the formal description of programming languages. Its main advantage over other frameworks is pragmatic: action-semantic descriptions (ASDs) scale up smoothly to realistic programming languages. This is due to the inherent extensibility and modifiability of ASDs, ensuring that extensions and changes to the described language require only proportionate changes in its description. (In denotational or operational semantics, adding an unforeseen construct to a language may require a reformulation of the entire description.) After sketching the background for the development of action semantics, we summarize the main ideas of the framework, and provide a simple illustrative example of an ASD. We identify which features of ASDs are crucial for good pragmatics. Then we explain the foundations of action semantics, and survey recent advances in its theory and practical applications. Finally, we assess the prospects for further development and use of action semantics. The action semantics framework was initially developed at the University of Aarhus by the present author, in collaboration with David Watt (University of Glasgow). Groups and individuals scattered around five continents have since contributed to its theory and practice

    Expressing functional reactive programming in C++

    Abstract. Most C++ programs are written in a straight-forward imperative style. While e.g. callbacks are employed either directly or through the observer pattern, the mental overhead of keeping program state congruent is high and increases with program size. This paper presents a translation of functional reactive programming into C++ terms. This paradigm originates from the Haskell language community and seeks to express easily how programs should react to new input. Concretely, an implementation of a reactive property class is presented, where property in this context is a class holding a value of a user-specified type. The property class provides a mechanism to bind to it an expression that takes an arbitrary number of inputs, some of which can be other instances of property classes. When any of these dependent properties is updated the expression is re-evaluated, so that a dataflow graph may be built using this type. The automatic re-evaluation reduces the boilerplate code necessary to update variables, which can lead to fewer programming errors and more concise programs. The implementation demonstrates that the core principles of functional reactive programming can be expressed in modern C++. Further, the implementation can be done in an idiomatic manner which appears familiar to C++ developers. At the same time, the implementation’s complexity highlights how much further the C++ meta-programming facilities must be developed to properly support facilities such as a functional reactive programming library implementation. A number of compile-time template metaprogramming utilities used in the implementation are also introduced

    Integrating Side Effects in Variational Programs Using Algebraic Effects

    Variational programming supports efficiently executing many related programs at once by encoding all of the programs in one "variational program" that captures the differences among them statically and explicitly. An open problem in variational programming is how to handle side effects—if two program variants perform different side effects, we cannot separate the effect of one variant from the other since the outside world is not variational. A potential solution is to create variation-aware execution environments for variational programs, for example, a variational file system that keeps track of file variants corresponding to program variants. However, it is infeasible to do this for all kinds of effects. Also, there are different ways to handle the interaction of effects and variation that are incompatible with each other, preventing a one-size-fits-all solution. In this thesis, we argue that algebraic effects can be used to resolve the problem of combining variation and effects by enabling programmers to flexibly and incrementally extend a variational programming environment to handle new kinds of effects. We present a proof-of-concept prototype in the Eff programming language that demonstrates how a variational programming environment can be extended to support file input/output. Crucially, such extensions are done at the library level, which enables handling new kinds of effects and handling existing effects in multiple ways, both of which are essential in variational programming applications

    The Web of Corruption: A Tardean Analysis of the Shifting Constructions of the Elios Scandal in the Hungarian Online News Media

    Although corruption portrayals within the news media have become a regularly analysed topic in Organisation and Management Studies, the construction of scandals within the online realm is still under-researched. Organisational scholars call for studies to analyse corruption in online media due to the highly participatory sense-making processes that distinguish this context from traditional press. Analysing scandalisation online is important because interactions in this realm define and curb corruption. This thesis responds to these points by exploring the co-production of corruption scandals within online news articles as occurring through narrative developments and hyperlink relations. To address the processual and participatory aspects of online corruption scandalisation, it engages with the theories of Gabriel Tarde. Particularly, the Tardean lens allows this thesis to analyse articles with their embedded hyperlinks as sense-making crossroads of information flows that accumulate into the rhythmical meanderings of scandal narratives. Empirically, the thesis focuses on the Hungarian organisational and political Elios scandal. It investigates the articles of the news outlets of Origo and Index, and their hyperlinks. Thematic analysis is used for studying the textual data, and argumentation analysis for the hyperlink interactions. This results in the identification of three narrative-construction periods: (1) scandalisation, (2) anti-scandalisation and moderation, and (3) counter-scandalisation. The thesis shows that hyperlinks play an important role in these meaning constructions. On the one hand, hyperlinks represent online sense-making channels, leading to reliable and relevant sources. However, through the avoidance of hyperlinking opposing arguments, these contribute to one-sided meaning-constructions. Furthermore, the thesis demonstrates how the corruption scandal is gradually diverted and replaced with the sensationalist counter-scandalising Soros-narrative that provokes social currents, such as Antisemitism. Overall, this thesis contributes to the literature on corruption within the media by illustrating how hyperlinks and gradual narrative-developments are strategically used to shape the meaning-constructions around scandals