179 research outputs found
Type-based Dependency Analysis for JavaScript
Dependency analysis is a program analysis that determines potential data flow
between program points. While it is not a security analysis per se, it is a
viable basis for investigating data integrity, for ensuring confidentiality,
and for guaranteeing sanitization. A noninterference property can be stated and
proved for the dependency analysis. We have designed and implemented a
dependency analysis for JavaScript. We formalize this analysis as an
abstraction of a tainting semantics. We prove the correctness of the tainting
semantics, the soundness of the abstraction, a noninterference property, and
the termination of the analysis.Comment: Technical Repor
Efficient Dynamic Access Analysis Using JavaScript Proxies
JSConTest introduced the notions of effect monitoring and dynamic effect
inference for JavaScript. It enables the description of effects with path
specifications resembling regular expressions. It is implemented by an offline
source code transformation.
To overcome the limitations of the JSConTest implementation, we redesigned
and reimplemented effect monitoring by taking advantange of JavaScript proxies.
Our new design avoids all drawbacks of the prior implementation. It guarantees
full interposition; it is not restricted to a subset of JavaScript; it is
self-maintaining; and its scalability to large programs is significantly better
than with JSConTest.
The improved scalability has two sources. First, the reimplementation is
significantly faster than the original, transformation-based implementation.
Second, the reimplementation relies on the fly-weight pattern and on trace
reduction to conserve memory. Only the combination of these techniques enables
monitoring and inference for large programs.Comment: Technical Repor
TreatJS: Higher-Order Contracts for JavaScript
TreatJS is a language embedded, higher-order contract system for JavaScript
which enforces contracts by run-time monitoring. Beyond providing the standard
abstractions for building higher-order contracts (base, function, and object
contracts), TreatJS's novel contributions are its guarantee of non-interfering
contract execution, its systematic approach to blame assignment, its support
for contracts in the style of union and intersection types, and its notion of a
parameterized contract scope, which is the building block for composable
run-time generated contracts that generalize dependent function contracts.
TreatJS is implemented as a library so that all aspects of a contract can be
specified using the full JavaScript language. The library relies on JavaScript
proxies to guarantee full interposition for contracts. It further exploits
JavaScript's reflective features to run contracts in a sandbox environment,
which guarantees that the execution of contract code does not modify the
application state. No source code transformation or change in the JavaScript
run-time system is required.
The impact of contracts on execution speed is evaluated using the Google
Octane benchmark.Comment: Technical Repor
Questioning Development Orthodoxy
This paper traces the history and current state of international economic development through its institutions and attempts to reassess these institutions and their processes in a heterodox manner. There are many stereotypes and clichés to the foreign assistance industry: that it takes from
the poor in rich countries and gives to the rich in poor countries; that it provides laboratories for economists and other social scientists to apply theories abroad that they would never attempt at home (the most obvious examples of these are population control programs and the privatization of pension funds); and that development creates âbrain drainâ from indigenous 2 institutions to the very institutions of development itself. Although a brief summary of the major research programs in development is given, the paper
does not attempt to falsify or confirm any of these or other research programs and their corresponding policy recommendations. The purpose of the paper is to question the very nature of international economic
development itself through an historical and philosophical re-examination of its institutional constructs. The Hegelian dialectical method of analysis is applied to the institutions of economic development and is used to ask, âwhat next and why
The regulation of repo markets: Incorporating public interest through a stronger role of civil society
Regulatory failures, which came to the fore after the financial crisis of 2007-2009, lead to the question of why some activities by financial institutions were not regulated prior to the crisis of 2007, even though regulators knew about certain dangers to financial stability? The repo-market, although centrally involved in the last crisis, still awaits stringent regulation. At the same time, the regulatory cycle seems to come to an end, boding ill for future crises which will be amplified by this market. In this situation, NGOs are needed to make regulators act upon their knowledge and to tighten their regulations
Market-based but state-led: The role of public development banks in shaping market-based finance in the European Union
This paper examines the European Unionâs strategy of governing the economy through financial markets by focusing on the largely unacknowledged role of public development banks, including the multilateral European Investment Bank. It argues that these state-owned financial institutions have moved into a key position in the recent evolution of the European financial system and economic governance. Since the crisis, policy makers have used them to address the intrinsic volatility and excess liquidity of contemporary financial markets, as well as offset the constraints on public investment imposed by institutionalized fiscal austerity. The paper provides evidence for this claim through an analysis of the emergent policy nexus between the Investment Plan for Europe and the Action Plan on Building a Capital Markets Union. Based on official documents and interview data, it specifically traces the risk-sharing devices for small- and medium-sized enterprise and infrastructure finance set up by development banks within these initiatives. Equipped with public guarantees, they have been instrumental for the promotion of securitization markets and publicâprivate partnerships through increased multilevel collaborations among development banks. The anchor role of such quasi-fiscal state actors in shaping capital markets, the paper concludes, has profound political implications, and therefore warrants further scholarly attention
The European Investment Bank is becoming increasingly politicised
Over the past two decades, the European Investment Bank (EIB) has become the worldâs largest multilateral financial institution. In 1999, the EU member statesâ âpolicy-drivenâ bank counted around 1,000 staff members. This number is now close to 3,000. In 1999, the EIBâs balance sheet stood at 200 billion euros. It now stands at 550 billion euros. While this has given the bank an enormous push in its organisational capabilities, it has also come with higher visibility, calls for transparency and accountability, and mounting political tensions. This process of politicisation is characteristic for the post-crisis evolution of the European Union, and apparently does not stop at the European Commissionâs door or the European Central Bank (ECB). Three recent episodes in particular highlight why more attention should be focused on the EIB
- âŠ