359,211 research outputs found
Querying an Object-Oriented Database Using CPL
The Collection Programming Language is based on a complex value model of data and has successfully been used for querying transforming and integrating data from a wide variety of structured data sources - relational, ACeDB, and ASN.1 among others. However, since there is no notion of objects and classes in CPL, it cannot adequately model recursive types or inheritance, and hence cannot be used to query object-oriented databases (OODBs). By adding a reference type and four operations to CPL - dereference, method invocation, identity test and class type cast - it is possible to express a large class of interesting safe queries against OODBs. As an example of how the extended CPL can be used to query an OODB, we will describe how the extended language has been used as a query interface to Shore databases
Enforcing Secure Object Initialization in Java
Sun and the CERT recommend for secure Java development to not allow partially
initialized objects to be accessed. The CERT considers the severity of the
risks taken by not following this recommendation as high. The solution
currently used to enforce object initialization is to implement a coding
pattern proposed by Sun, which is not formally checked. We propose a modular
type system to formally specify the initialization policy of libraries or
programs and a type checker to statically check at load time that all loaded
classes respect the policy. This allows to prove the absence of bugs which have
allowed some famous privilege escalations in Java. Our experimental results
show that our safe default policy allows to prove 91% of classes of java.lang,
java.security and javax.security safe without any annotation and by adding 57
simple annotations we proved all classes but four safe. The type system and its
soundness theorem have been formalized and machine checked using Coq
Validating a Web Service Security Abstraction by Typing
An XML web service is, to a first approximation, an RPC service in which
requests and responses are encoded in XML as SOAP envelopes, and transported
over HTTP. We consider the problem of authenticating requests and responses at
the SOAP-level, rather than relying on transport-level security. We propose a
security abstraction, inspired by earlier work on secure RPC, in which the
methods exported by a web service are annotated with one of three security
levels: none, authenticated, or both authenticated and encrypted. We model our
abstraction as an object calculus with primitives for defining and calling web
services. We describe the semantics of our object calculus by translating to a
lower-level language with primitives for message passing and cryptography. To
validate our semantics, we embed correspondence assertions that specify the
correct authentication of requests and responses. By appeal to the type theory
for cryptographic protocols of Gordon and Jeffrey's Cryptyc, we verify the
correspondence assertions simply by typing. Finally, we describe an
implementation of our semantics via custom SOAP headers.Comment: 44 pages. A preliminary version appears in the Proceedings of the
Workshop on XML Security 2002, pp. 18-29, November 200
Gradual Certified Programming in Coq
Expressive static typing disciplines are a powerful way to achieve
high-quality software. However, the adoption cost of such techniques should not
be under-estimated. Just like gradual typing allows for a smooth transition
from dynamically-typed to statically-typed programs, it seems desirable to
support a gradual path to certified programming. We explore gradual certified
programming in Coq, providing the possibility to postpone the proofs of
selected properties, and to check "at runtime" whether the properties actually
hold. Casts can be integrated with the implicit coercion mechanism of Coq to
support implicit cast insertion a la gradual typing. Additionally, when
extracting Coq functions to mainstream languages, our encoding of casts
supports lifting assumed properties into runtime checks. Much to our surprise,
it is not necessary to extend Coq in any way to support gradual certified
programming. A simple mix of type classes and axioms makes it possible to bring
gradual certified programming to Coq in a straightforward manner.Comment: DLS'15 final version, Proceedings of the ACM Dynamic Languages
Symposium (DLS 2015
Hybrid Session Verification through Endpoint API Generation
© Springer-Verlag Berlin Heidelberg 2016.This paper proposes a new hybrid session verification methodology for applying session types directly to mainstream languages, based on generating protocol-specific endpoint APIs from multiparty session types. The API generation promotes static type checking of the behavioural aspect of the source protocol by mapping the state space of an endpoint in the protocol to a family of channel types in the target language. This is supplemented by very light run-time checks in the generated API that enforce a linear usage discipline on instances of the channel types. The resulting hybrid verification guarantees the absence of protocol violation errors during the execution of the session. We implement our methodology for Java as an extension to the Scribble framework, and use it to specify and implement compliant clients and servers for real-world protocols such as HTTP and SMTP
- …