Secure Programming Languages? 
Author Message
 Secure Programming Languages?

I'm a research scientist, and I'd like to get more information
about secure programming languages.
Besides Java, what other languages are there?
Will the Java language be extended to provide finer-grained
control over security? If so, how? Is there any documentation?

I'd appreciate any pointers. Thanks.

Sent via Deja.com http://www.*-*-*.com/
Share what you know. Learn what you don't.



Sun, 27 Jan 2002 03:00:00 GMT  
 Secure Programming Languages?

Quote:

> I'm a research scientist, and I'd like to get more information
> about secure programming languages.

All programming languages are secure, in and of themselves.  It all depends
on how the program is written and where it is run that makes it secure or
not.

Kent



Sun, 27 Jan 2002 03:00:00 GMT  
 Secure Programming Languages?
Quote:
> > I'm a research scientist, and I'd like to get more information
> > about secure programming languages.

For a nice article try

Secure UNIX Programming FAQ
you can get it at http://www.whitefang.com/sup/
Good article describing what you can do to program in a secure format.


Sun, 27 Jan 2002 03:00:00 GMT  
 Secure Programming Languages?
: I'm a research scientist, and I'd like to get more information
: about secure programming languages.
: Besides Java, what other languages are there?
: Will the Java language be extended to provide finer-grained
: control over security? If so, how? Is there any documentation?
I think ALL the computer languages are secure. Insecureness usually
comes from developers.

--
With best regards,
        Gregory Edigarov



Mon, 28 Jan 2002 03:00:00 GMT  
 Secure Programming Languages?
There is an IBM research language "Hermes" by
Robert E. Strom (ISBN 0-13-389537-8) which
might qualify.


Tue, 29 Jan 2002 03:00:00 GMT  
 Secure Programming Languages?
Check out JFlow; there's a paper at:
http://www.pmg.lcs.mit.edu/papers/popl99/myers-popl99.ps.gz

and the research project that produced it is at:
http://www.lcs.mit.edu/research/projects/project?name=9935

I'm not sure if JFlow has been released, or merely written about, but
perhaps it's what's being looked for.

Here's a paragraph from the target of the second URL above:

------------------------------------
The new language _JFlow_ (an extension to Java) allows programs to be
statically checked for information leaks by an extended Java
compiler. In JFlow, variables and objects are annotated with
statically-checked dissemination labels. These labels often can be
automatically inferred, so annotating programs is not onerous. An
explicit form of declassification provides a safe escape hatch when
the amount of information leaked is acceptable to the programmer.
Safe dynamic checks also may be used when static checks are
insufficient. There is little code space, data space, or run time
overhead, because most checking is performed statically.
------------------------------------

Jeremy



Tue, 29 Jan 2002 03:00:00 GMT  
 Secure Programming Languages?

Coming into this thread late from comp.lang.misc....

I don't know quite what you mean by secure, but with Java you have no
control over memory allocation, so it's not clear that memory allocated
to Strings with important info (passwords) are over-written before being
freed.  I'd appreciate work-arounds for this (the only soln I can see is
C code implementing some kind of secure string class).  I suspect only
Ada has built-in support for clearing freed memory.

Andrew



Quote:
> Check out JFlow; there's a paper at:
> http://www.pmg.lcs.mit.edu/papers/popl99/myers-popl99.ps.gz

> and the research project that produced it is at:
> http://www.lcs.mit.edu/research/projects/project?name=9935

> I'm not sure if JFlow has been released, or merely written about, but
> perhaps it's what's being looked for.

> Here's a paragraph from the target of the second URL above:

> ------------------------------------
> The new language _JFlow_ (an extension to Java) allows programs to be
> statically checked for information leaks by an extended Java
> compiler. In JFlow, variables and objects are annotated with
> statically-checked dissemination labels. These labels often can be
> automatically inferred, so annotating programs is not onerous. An
> explicit form of declassification provides a safe escape hatch when
> the amount of information leaked is acceptable to the programmer.
> Safe dynamic checks also may be used when static checks are
> insufficient. There is little code space, data space, or run time
> overhead, because most checking is performed statically.
> ------------------------------------

> Jeremy



Fri, 08 Feb 2002 03:00:00 GMT  
 Secure Programming Languages?


Quote:

> Coming into this thread late from comp.lang.misc....

And even later from comp.security.unix.... :-)

Quote:
> I don't know quite what you mean by secure, but with Java you have no
> control over memory allocation, so it's not clear that memory allocated
> to Strings with important info (passwords) are over-written before being
> freed.  I'd appreciate work-arounds for this (the only soln I can see is
> C code implementing some kind of secure string class).  I suspect only
> Ada has built-in support for clearing freed memory.

More or less, yeah.  I've seen a malloc library where the implementation
of free() did a memset(the_memory, 0, size_of_memory) before putting
the_memory back onto the free list.  Adding -lwhateveritwas to the
link line transparently added support for clearing memory to the C code.

I tend to agree with Dr. Stroustrup's comment, "I assume that any
competent programmer can get around any rule not explicitly enforced
by hardware," so as far as preventing code from Doing {*filter*} Things
To Memory, IMHO the programming language is the wrong place to look.
Clearing sensitive information from deallocated memory, of course, is
another matter.

--

Targeting & Attack Radar                                  UFOs are real.
Air Force Research Labs                                   The Air Force
Senior Systems Administrator                              doesn't exist.




Fri, 08 Feb 2002 03:00:00 GMT  
 Secure Programming Languages?

Quote:
> I don't know quite what you mean by secure, but with Java you have no
> control over memory allocation, so it's not clear that memory allocated
> to Strings with important info (passwords) are over-written before being
> freed.  I'd appreciate work-arounds for this (the only soln I can see is
> C code implementing some kind of secure string class).  I suspect only
> Ada has built-in support for clearing freed memory.

This depends on what you consider secure. From the Java Sandbox Standpoint
this is a non-issue, since you can never access this non-cleared area. Don't
forget, there are no pointers in Java.

A problem is of course clearing an object you don't know how many objects
have a reference to. But this can a) be ignored since if you don't trust the
reference holder you can trust them not to make copies and b) you can use
StringBuffers instead.

What is really needed is "tainting"

Greetings
Bernd



Sat, 09 Feb 2002 03:00:00 GMT  
 Secure Programming Languages?

The problem I had in mind was one where an application is started
with a password that is used (say to initialise a special piece of
hardware).  A malicious intruder might gain access to the computer
and could possibly recover the password (eg from paged memory on
the disk).  With control over memory I would be able to wipe the
memory where the password was stored once it had been used...

I admit, it's obscure, but it's connected with a real-life problem
(but I would be happy to be corrected!).

Andrew



Quote:
> In comp.security.unix Andrew Cooke

> > I don't know quite what you mean by secure, but with Java you have no
> > control over memory allocation, so it's not clear that memory allocated
> > to Strings with important info (passwords) are over-written before being
> > freed.  I'd appreciate work-arounds for this (the only soln I can see is
> > C code implementing some kind of secure string class).  I suspect only
> > Ada has built-in support for clearing freed memory.

> This depends on what you consider secure. From the Java Sandbox Standpoint
> this is a non-issue, since you can never access this non-cleared area. Don't
> forget, there are no pointers in Java.

> A problem is of course clearing an object you don't know how many objects
> have a reference to. But this can a) be ignored since if you don't trust the
> reference holder you can trust them not to make copies and b) you can use
> StringBuffers instead.

> What is really needed is "tainting"

> Greetings
> Bernd



Tue, 12 Feb 2002 03:00:00 GMT  
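
The two memory-clearing points raised in the thread (a free() that zeroes memory before releasing it, and a password that could be recovered from paged memory on disk) can be combined in one small C buffer type. This is an added example, not code from any poster or from the malloc library mentioned; all names in it are hypothetical, and it assumes a POSIX system with C11 `aligned_alloc`.

```c
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Added illustration; all names here are hypothetical, not from the thread. */
typedef struct {
    unsigned char *data;
    size_t cap;      /* whole pages owned by this buffer */
    int locked;      /* 1 if mlock() kept the pages out of swap */
} secret_buf;

/* Volatile stores keep the optimizer from dropping the wipe as a dead store. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *vp = p;
    while (n--) *vp++ = 0;
}

/* Page-aligned allocation, so locking and wiping cover only our pages. */
int secret_alloc(secret_buf *s, size_t len) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    s->cap = (len + page - 1) / page * page;
    s->data = aligned_alloc(page, s->cap);
    if (!s->data) return -1;
    s->locked = (mlock(s->data, s->cap) == 0);  /* may fail: RLIMIT_MEMLOCK */
    return 0;
}

/* The free()-time memset from the thread, done before releasing memory. */
void secret_free(secret_buf *s) {
    secure_wipe(s->data, s->cap);
    if (s->locked) munlock(s->data, s->cap);
    free(s->data);
    s->data = NULL;
}

/* Copy a password in, use it, wipe it; returns bytes left non-zero. */
size_t use_password_once(const char *pw) {
    secret_buf s;
    size_t n = strlen(pw), left = 0;
    if (secret_alloc(&s, n + 1) != 0) return (size_t)-1;
    memcpy(s.data, pw, n + 1);
    /* ... hand s.data to the hardware-initialisation call here ... */
    secure_wipe(s.data, s.cap);
    for (size_t i = 0; i < s.cap; i++) left += (s.data[i] != 0);
    secret_free(&s);
    return left;
}

int main(void) { return use_password_once("constructed-sample-password") != 0; }
```

The wipe covers only this buffer; any other copy of the password (command-line arguments, environment, I/O buffers) needs the same treatment.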
 