Regulating Data Exchange in Service Oriented Applications

We define a type system for COWS, a formalism for specifying and combining services, while modelling their dynamic behaviour. Our types permit to express policies constraining data exchanges in terms of sets of service partner names attachable to each single datum. Service programmers explicitly write only the annotations necessary to specify the wanted policies for communicable data, while a type inference system (statically) derives the minimal additional annotations that ensure consistency of services initial configuration. Then, the language dynamic semantics only performs very simple checks to authorize or block communication. We prove that the type system and the operational semantics are sound. As a consequence, we have the following data protection property: services always comply with the policies regulating the exchange of data among interacting services. We illustrate our approach through a simplified but realistic scenario for a service-based electronic marketplace

A Type-Based Complexity Analysis of Object Oriented Programs

A type system is introduced for a generic Object Oriented programming language in order to infer resource upper bounds. A sound andcomplete characterization of the set of polynomial time computable functions is obtained. As a consequence, the heap-space and thestack-space requirements of typed programs are also bounded polynomially. This type system is inspired by previous works on ImplicitComputational Complexity, using tiering and non-interference techniques. The presented methodology has several advantages. First, itprovides explicit big $O$ polynomial upper bounds to the programmer, hence its use could allow the programmer to avoid memory errors.Second, type checking is decidable in polynomial time. Last, it has a good expressivity since it analyzes most object oriented featureslike inheritance, overload, override and recursion. Moreover it can deal with loops guarded by objects and can also be extended tostatements that alter the control flow like break or return.Comment: Information and Computation, Elsevier, A Para\^itre, pp.6

Incremental Confined Types Analysis

Research related to alias protection and related concepts, such as, confined types and ownership types has a long tradition and is a promising concept for the design and implementation of more reliable and secure software. Unfortunately, the use of these concepts is not widespread as most implementations are proofs of concept and fall short with respect to the integration with standard software development tools and processes. In this paper, we discuss an implementation of confined types based on Java 5 annotations. The contribution of this paper is twofold: First, we discuss the incrementalization of the confined types analysis and second, we present the integration of the analysis into Eclipse using the static analysis platform Magellan