A Dependently Typed Library for Static Information-Flow Control in Idris

02/18/2019
by Simon Gregersen et al.

Safely integrating third-party code in applications while protecting the confidentiality of information is a long-standing problem. Pure functional programming languages, like Haskell, make it possible to enforce lightweight information-flow control through libraries like MAC by Russo. This work presents DepSec, a MAC-inspired, dependently typed library for static information-flow control in Idris. We showcase how adding dependent types increases the expressiveness of state-of-the-art static information-flow control libraries and how DepSec matches a special-purpose dependent information-flow type system on a key example. Finally, we show novel and powerful means of specifying statically enforced declassification policies using dependent types.
