Lambda the Ultimate

inactiveTopic A Language-Based Approach to Security
started 1/11/2003; 2:45:09 AM - last post 1/11/2003; 2:45:09 AM
Ehud Lamm - A Language-Based Approach to Security  blueArrow
1/11/2003; 2:45:09 AM (reads: 1033, responses: 0)
A Language-Based Approach to Security
A Language-Based Approach to Security. Fred B. Schneider, Greg Morrisett, and Robert Harper. Informatics: 10 Years Ahead, 10 Years Back. Conference on the Occasion of Dagstuhl's 10th Anniversary. Springer Verlag Lecture Notes in Computer Science volume 2000.

Language-based security leverages program analysis and program rewriting to enforce security policies. The approach promises efficient enforcement of fine-grained access control policies and depends on a trusted computing base of only modest size. This paper surveys progress and prospects for the area, giving overviews of in-lined reference monitors, certifying compilers, and advances in type theory.

The basic approach is that of execution monitoring (EM), which is basically a form of itnerpretation. Indeed, the authors point out that due to universality any monitoring currnetly done in hardware, can be done in software, by the interpreter. The only obstacle is the performance overhead.

The techniques surveyed in the paper deal with this issue.

Posted to general by Ehud Lamm on 1/11/03; 2:51:29 AM