Enforcing Modular Security through Language Design: A Study on Object and Reference Capabilities

We present an approach to language design aimed at enforcing modular security, where a security architect can define specific object capabilities that enforce custom security properties. Unlike traditional models that assume an uncompromised system (‘clean garden’), this model (‘dark forest’) assumes local machines are already compromised but anchored by a secure root. Security is maintained even in the presence of adversarial code execution within security-critical processes: a process may be rendered inert, or be subjected to crashes or infinite loops, but it is precluded from engaging in insecure interactions.

The Fearless Journey

Existing minimal OO models, like Featherweight Java (FJ), are valuable as a base for designing new programming languages. However, their utility in developing real-world programs is limited. We introduce the `Fearless Heart’, a novel object calculus preserving FJ’s minimal and extensible nature while being more suited for constructing complex, real-world applications. To illustrate the extensibility of the Fearless Heart, we extend it with Reference Capabilities (RC), creating R-Fearless. It supports mutability and other side effects while retaining the reasoning advantages of functional programming and gaining support for features that are well-known to be enabled by RC, like automatic parallelism, caching and invariants. R-Fearless is still minimal enough to allow further extensions.

Zoom link

Topic: PL Group Seminar Time: Jan 18, 2024 02:00 PM Hong Kong SAR

Join Zoom Meeting https://hku.zoom.us/j/98411775690?pwd=K1g0MVAyVzFKUUpZa05RWHlPNUxWQT09

Meeting ID: 984 1177 5690 Password: 752199