Gradual Information Flow Typing
نویسندگان
چکیده
We present a method to support the gradual evolution of secure scripts by formalizing an extension of the simply-typed lambda calculus that provides information flow constructs. These constructs allow initially insecure programs to evolve via targeted refactoring and to provide dynamic information flow guarantees via casts, as well as static information flow guarantees via labeled types.
منابع مشابه
Gradual Typing for Annotated Type Systems
Refinement type systems have been proposed by a number of researchers to sharpen the guarantees of existing type systems. Examples are systems that distinguish empty and non-empty lists by type, taint tracking and information flow control, dimension analysis, and many others. In each case, the type language is extended with annotations that either abstract semantic properties of values beyond t...
متن کاملLJGS: Gradual Security Types for Object-Oriented Languages (Artifact)
JGS-check is the accompanying artifact to “LJGS: Gradual Security Types for Object-Oriented Languages”. LJGS is a Java-like language with gradual security typing. It features a constraint based information flow type system that includes a type dynamic and type casts. Dynamically typed fragments are liberally accepted by the type checker and rely on run-time enforcement for security. JGScheck is...
متن کاملTowards Practical Gradual Typing
Over the past 20 years, programmers have embraced dynamically-typed programming languages. By now, they have also come to realize that programs in these languages lack reliable type information for software engineering purposes. Gradual typing addresses this problem; it empowers programmers to annotate an existing system with sound type information on a piecemeal basis. This paper presents an i...
متن کاملGradual Typing with Efficient Object Casts
Gradual type systems meld dynamic typing with optional static types, moderating between the two with statically inserted casts. Casting is the éminence grise of such systems — it enables swift detection of type errors in dynamic code without enforcing runtime checks throughout a program, and in combination with blame tracking it allows such errors to be traced to their origin. However, such cas...
متن کاملGradual Refinement Types Extended Version with Proofs
Refinement types are an effective language-based verification technique. However, as any expressive typing discipline, its strength is its weakness, imposing sometimes undesired rigidity. Guided by abstract interpretation, we extend the gradual typing agenda and develop the notion of gradual refinement types, allowing smooth evolution and interoperability between simple types and logicallyrefin...
متن کامل