Overview of Language-Based Security

Dan Grossman

If "secure software" means software that meets some specified security policy, then language-based tools (compilers, run-time libraries, code analyses) are well-suited to security-policy enforcement: Being able to analyze source programs and control code generation are powerful, liberating opportunities to have. The last few years have witnessed many novel approaches to security via programming-language technology, i.e., language-based security.

In this overview talk, we will first briefly consider the "old school" programming-language war cry of "use better languages" and why this position is terribly necessary and terribly insufficient. We will then consider dimensions of language-based security solutions: How is a policy specified? How is it enforced? What is trusted? Is enforcement guaranteed? Most importantly, we will briefly describe many systems, such as proof-carrying code, type qualifiers, metacompilation, enforcement monitors, confined types, software fault-isolation, stack inspection, information flow for confidentiality and integrity, and model checking.

This is a hot area that won't cool down for a while and has room for more researchers -- hopefully two weeks is long enough to spread excitement to unsuspecting seminar-goers.

(The following week we will present current projects in programming languages at UW that relate to security.)