An algebraic basis for specifying and enforcing access control in security systems

Security services in a multi-user environment are often based on access control mechanisms. Static aspects of an access control policy can be formalised using abstract algebraic models. We integrate these static aspects into a dynamic framework considering requesting access to resources as a process aiming at the prevention of access control violations when a program is executed. We use another algebraic technique, monads, as a meta-language to integrate access control operations into a functional programming language. The integration of monads and concepts from a denotational model for process algebras provides a framework for programming of access control in security systems

Dynamic slicing of aspect oriented programs

As software application grows larger and become more complex, program maintenance activities such as adding new functionality, debugging and testing consume increasing amount of available resources for software development. In order to cope with this increased complexity, programmer need effective computer supported methods for decomposition and dependence analysis of programs. Program slicing is one method for such decomposition and dependence analysis. Program slicing is a decomposition technique which extracts program elements related to a particular computation from a program. A program slice consists of those parts of a program that may directly or indirectly affect the values computed at some program point of interest, referred to as a slicing criterion. A program slice can be static or dynamic. Static slice contains all the statements that may affect the slicing criterion for every possible inputs to the program. Dynamic slice contains only those statements that actually affect the slicing criterion for a particular input to the program. Aspect-oriented programming is a new programming technique proposed for cleanly modularizing the cross- cutting structure of concerns. An aspect is an area of concern that cuts across the structure of a program. The main idea behind aspect-oriented programming (AOP) is to allow a program to be constructed by describing each concern separately. Aspect J is an aspect-oriented extension to the Java programming language. Aspect J adds new concepts and associated constructs called join points, pointcuts, advices, introductions, and aspects to Java. Zhao developed the aspect-oriented system dependence graph (ASDG) to represent aspect-oriented programs and used two-pass slicing algorithm to compute static slice of aspect-oriented programs. But the disadvantage of his ASDG is that the weaving process is not represented correctly and this graph cannot be used for dynamic slicing. Our objective was to develop a suitable intermediate representation of an aspectoriented program and to develop suitable dynamic slicing technique

Gradual Liquid Type Inference

Liquid typing provides a decidable refinement inference mechanism that is convenient but subject to two major issues: (1) inference is global and requires top-level annotations, making it unsuitable for inference of modular code components and prohibiting its applicability to library code, and (2) inference failure results in obscure error messages. These difficulties seriously hamper the migration of existing code to use refinements. This paper shows that gradual liquid type inference---a novel combination of liquid inference and gradual refinement types---addresses both issues. Gradual refinement types, which support imprecise predicates that are optimistically interpreted, can be used in argument positions to constrain liquid inference so that the global inference process e effectively infers modular specifications usable for library components. Dually, when gradual refinements appear as the result of inference, they signal an inconsistency in the use of static refinements. Because liquid refinements are drawn from a nite set of predicates, in gradual liquid type inference we can enumerate the safe concretizations of each imprecise refinement, i.e. the static refinements that justify why a program is gradually well-typed. This enumeration is useful for static liquid type error explanation, since the safe concretizations exhibit all the potential inconsistencies that lead to static type errors. We develop the theory of gradual liquid type inference and explore its pragmatics in the setting of Liquid Haskell.Comment: To appear at OOPSLA 201

A Design for a Security-typed Language with Certificate-based Declassification

This paper presents a calculus that supports information-flow security policies and certificate-based declassification. The decentralized label model and its downgrading mechanisms are concisely expressed in the polymorphic lambda calculus with subtyping (System F≾). We prove a conditioned version of the noninterference theorem such that authorization for declassification is justified by digital certificates from public-key infrastructures

Heap Abstractions for Static Analysis

Heap data is potentially unbounded and seemingly arbitrary. As a consequence, unlike stack and static memory, heap memory cannot be abstracted directly in terms of a fixed set of source variable names appearing in the program being analysed. This makes it an interesting topic of study and there is an abundance of literature employing heap abstractions. Although most studies have addressed similar concerns, their formulations and formalisms often seem dissimilar and some times even unrelated. Thus, the insights gained in one description of heap abstraction may not directly carry over to some other description. This survey is a result of our quest for a unifying theme in the existing descriptions of heap abstractions. In particular, our interest lies in the abstractions and not in the algorithms that construct them. In our search of a unified theme, we view a heap abstraction as consisting of two features: a heap model to represent the heap memory and a summarization technique for bounding the heap representation. We classify the models as storeless, store based, and hybrid. We describe various summarization techniques based on k-limiting, allocation sites, patterns, variables, other generic instrumentation predicates, and higher-order logics. This approach allows us to compare the insights of a large number of seemingly dissimilar heap abstractions and also paves way for creating new abstractions by mix-and-match of models and summarization techniques.Comment: 49 pages, 20 figure