17,237 research outputs found
Information Flow Control in WebKit's JavaScript Bytecode
Websites today routinely combine JavaScript from multiple sources, both
trusted and untrusted. Hence, JavaScript security is of paramount importance. A
specific interesting problem is information flow control (IFC) for JavaScript.
In this paper, we develop, formalize and implement a dynamic IFC mechanism for
the JavaScript engine of a production Web browser (specifically, Safari's
WebKit engine). Our IFC mechanism works at the level of JavaScript bytecode and
hence leverages years of industrial effort on optimizing both the source to
bytecode compiler and the bytecode interpreter. We track both explicit and
implicit flows and observe only moderate overhead. Working with bytecode
results in new challenges including the extensive use of unstructured control
flow in bytecode (which complicates lowering of program context taints),
unstructured exceptions (which complicate the matter further) and the need to
make IFC analysis permissive. We explain how we address these challenges,
formally model the JavaScript bytecode semantics and our instrumentation, prove
the standard property of termination-insensitive non-interference, and present
experimental results on an optimized prototype
A formally verified compiler back-end
This article describes the development and formal verification (proof of
semantic preservation) of a compiler back-end from Cminor (a simple imperative
intermediate language) to PowerPC assembly code, using the Coq proof assistant
both for programming the compiler and for proving its correctness. Such a
verified compiler is useful in the context of formal methods applied to the
certification of critical software: the verification of the compiler guarantees
that the safety properties proved on the source code hold for the executable
compiled code as well
Heap Abstractions for Static Analysis
Heap data is potentially unbounded and seemingly arbitrary. As a consequence,
unlike stack and static memory, heap memory cannot be abstracted directly in
terms of a fixed set of source variable names appearing in the program being
analysed. This makes it an interesting topic of study and there is an abundance
of literature employing heap abstractions. Although most studies have addressed
similar concerns, their formulations and formalisms often seem dissimilar and
some times even unrelated. Thus, the insights gained in one description of heap
abstraction may not directly carry over to some other description. This survey
is a result of our quest for a unifying theme in the existing descriptions of
heap abstractions. In particular, our interest lies in the abstractions and not
in the algorithms that construct them.
In our search of a unified theme, we view a heap abstraction as consisting of
two features: a heap model to represent the heap memory and a summarization
technique for bounding the heap representation. We classify the models as
storeless, store based, and hybrid. We describe various summarization
techniques based on k-limiting, allocation sites, patterns, variables, other
generic instrumentation predicates, and higher-order logics. This approach
allows us to compare the insights of a large number of seemingly dissimilar
heap abstractions and also paves way for creating new abstractions by
mix-and-match of models and summarization techniques.Comment: 49 pages, 20 figure
Multimethods and separate static typechecking in a language with C++-like object model
The goal of this paper is the description and analysis of multimethod
implementation in a new object-oriented, class-based programming language
called OOLANG. The implementation of the multimethod typecheck and selection,
deeply analyzed in the paper, is performed in two phases in order to allow
static typechecking and separate compilation of modules. The first phase is
performed at compile time, while the second is executed at link time and does
not require the modules' source code. OOLANG has syntax similar to C++; the
main differences are the absence of pointers and the realization of
polymorphism through subsumption. It adopts the C++ object model and supports
multiple inheritance as well as virtual base classes. For this reason, it has
been necessary to define techniques for realigning argument and return value
addresses when performing multimethod invocations.Comment: 15 pages, 18 figure
Effective Aspects: A Typed Monadic Embedding of Pointcuts and Advice
International audienceAspect-oriented programming(AOP) aims to enhance modularity and reusability in software systems by offering an abstraction mechanism to deal with crosscutting concerns. However, in most general-purpose aspect languages aspects have almost unrestricted power, eventually conflicting with these goals. In this work we present Effective Aspects: a novel approach to embed the point- cut/advice model of AOP in a statically-typed functional programming language like Haskell. Our work extends EffectiveAdvice, by Oliveira, Schrijvers and Cook; which lacks quantification, and explores how to exploit the monadic setting in the full pointcut/advice model. Type soundness is guaranteed by exploiting the underlying type system, in particular phantom types and a new anti-unification type class. Aspects are first-class, can be deployed dynamically, and the pointcut language is extensible, therefore combining the flexibility of dynamically-typed aspect languages with the guarantees of a static type system. Monads enables us to directly reason about computational effects both in aspects and base programs using traditional monadic techniques. Using this we extend Aldrich's notion of Open Modules with effects, and also with protected pointcut interfaces to external advising. These restrictions are enforced statically using the type system. Also, we adapt the techniques of EffectiveAdvice to reason about and enforce control flow properties. Moreover, we show how to control effect interference us- ing the parametricity-based approach of EffectiveAdvice. However this approach falls short when dealing with interference between multiple aspects. We propose a different approach using monad views, a recently developed technique for han- dling the monad stack. Finally, we exploit the properties of our monadic weaver to enable the modular construction of new semantics for aspect scoping and weaving. These semantics also benefit fully from the monadic reasoning mechanisms present in the language. This work brings type-based reasoning about effects for the first time in the pointcut/advice model, in a framework that is both expressive and extensible; thus allowing development of robust aspect-oriented systems as well as being a useful research tool for experimenting with new aspect semantics
Wireless Scheduling with Power Control
We consider the scheduling of arbitrary wireless links in the physical model
of interference to minimize the time for satisfying all requests. We study here
the combined problem of scheduling and power control, where we seek both an
assignment of power settings and a partition of the links so that each set
satisfies the signal-to-interference-plus-noise (SINR) constraints.
We give an algorithm that attains an approximation ratio of , where is the number of links and is the ratio
between the longest and the shortest link length. Under the natural assumption
that lengths are represented in binary, this gives the first approximation
ratio that is polylogarithmic in the size of the input. The algorithm has the
desirable property of using an oblivious power assignment, where the power
assigned to a sender depends only on the length of the link. We give evidence
that this dependence on is unavoidable, showing that any
reasonably-behaving oblivious power assignment results in a -approximation.
These results hold also for the (weighted) capacity problem of finding a
maximum (weighted) subset of links that can be scheduled in a single time slot.
In addition, we obtain improved approximation for a bidirectional variant of
the scheduling problem, give partial answers to questions about the utility of
graphs for modeling physical interference, and generalize the setting from the
standard 2-dimensional Euclidean plane to doubling metrics. Finally, we explore
the utility of graph models in capturing wireless interference.Comment: Revised full versio
- …