scholarly journals Computer Security from a Programming Language and Static Analysis Perspective

2003 ◽  
pp. 1-9 ◽  
Author(s):  
Xavier Leroy
Keyword(s):  
Computer Security ◽  
Static Analysis ◽  
Programming Language

scholarly journals A Runtime System for XML Transformations in Java

2004 ◽  
Vol 11 (33) ◽  
Author(s):  
Aske Simon Christensen ◽  
Christian Kirkegaard ◽  
Anders Møller
Keyword(s):  
Static Analysis ◽  
Programming Language ◽  
Program Analysis ◽  
Companion Paper ◽  
General Purpose ◽  
Runtime System ◽  
Xml Documents ◽  
Level Data ◽  
High Level ◽  
The Given

We show that it is possible to extend a general-purpose programming language with a convenient high-level data-type for manipulating XML documents while permitting (1) precise static analysis for guaranteeing validity of the constructed XML documents relative to the given DTD schemas, and (2) a runtime system where the operations can be performed efficiently. The system, named Xact, is based on a notion of immutable XML templates and uses XPath for deconstructing documents. A companion paper presents the program analysis; this paper focuses on the efficient runtime representation.

Programming language methods in computer security

2001 ◽  
Vol 36 (3) ◽  
pp. 1-26 ◽  
Author(s):  
John C. Mitchell
Keyword(s):  
Computer Security ◽  
Programming Language

scholarly journals Static Validation of XSL Transformations

2005 ◽  
Vol 12 (32) ◽  
Author(s):  
Anders Møller ◽  
Mads Østerby Olesen ◽  
Michael I. Schwartzbach
Keyword(s):  
Web Services ◽  
Programming Languages ◽  
Large Class ◽  
Static Analysis ◽  
Programming Language ◽  
Pragmatic Approach ◽  
Validation Technique ◽  
Summary Graph

XSL Transformations (XSLT) is a programming language for defining transformations between XML languages. The structure of these languages is formally described by schemas, for example using DTD, which allows individual documents to be validated. However, existing XSLT tools offer no static guarantees that, under the assumption that the input is valid relative to the input schema, the output of the transformation is valid relative to the output schema.<br /> <br />We present a validation technique for XSLT based on the summary graph formalism introduced in the static analysis of JWIG Web services. Being able to provide static guarantees, we can detect a large class of errors in an XSLT stylesheet at the time it is written instead of later when it has been deployed, and thereby provide benefits similar to those of static type checkers for modern programming languages.<br /> <br />Our analysis takes a pragmatic approach that focuses its precision on the essential language features but still handles the entire XSLT 1.0 language. We evaluate the analysis precision on a range of real stylesheets and demonstrate how it may be useful in practice.

scholarly journals A Translator with a Security Static Analysis Feature of an Information Flow for a Simple Programming Language

2014 ◽  
Vol 21 (4) ◽  
pp. 5-12
Author(s):  
E. Ju. Antoshina ◽  
A. N. Barakova ◽  
E. S. Nikitin ◽  
D. Ju. Chalyy
Keyword(s):  
Static Analysis ◽  
Programming Language ◽  
Information Flow

scholarly journals A Runtime System for XML Transformations in Java

2003 ◽  
Vol 10 (29) ◽  
Author(s):  
Aske Simon Christensen ◽  
Christian Kirkegaard ◽  
Anders Møller
Keyword(s):  
Static Analysis ◽  
Programming Language ◽  
Program Analysis ◽  
Companion Paper ◽  
General Purpose ◽  
Runtime System ◽  
Xml Documents ◽  
Level Data ◽  
High Level ◽  
The Given

We show that it is possible to extend a general-purpose programming language with a convenient high-level data-type for manipulating XML documents while permitting (1) precise static analysis for guaranteeing validity of the constructed XML documents relative to the given DTD schemas, and (2) a runtime system where the operations can be performed efficiently. The system, named X<small>ACT</small>, is based on a notion of immutable XML templates and uses XPath for deconstructing documents. A companion paper presents the program analysis; this paper focuses on the efficient runtime representation.

scholarly journals A translator with a security static analysis feature of an information flow for a simple programming language

2014 ◽  
Vol 48 (7) ◽  
pp. 589-593
Author(s):  
E. Ju. Antoshina ◽  
A. N. Barakova ◽  
E. S. Nikitin ◽  
D. Ju. Chalyy
Keyword(s):  
Static Analysis ◽  
Programming Language ◽  
Information Flow

scholarly journals Statically bounded-memory delayed sampling for probabilistic streams

2021 ◽  
Vol 5 (OOPSLA) ◽  
pp. 1-28
Author(s):  
Eric Atkinson ◽  
Guillaume Baudart ◽  
Louis Mandel ◽  
Charles Yuan ◽  
Michael Carbin
Keyword(s):  
Bayesian Inference ◽  
Programming Languages ◽  
Static Analysis ◽  
Programming Language ◽  
Inference Algorithm ◽  
Prior Work ◽  
Probabilistic Programming ◽  
The Core ◽  
Bounded Memory ◽  
Automated Inference

Probabilistic programming languages aid developers performing Bayesian inference. These languages provide programming constructs and tools for probabilistic modeling and automated inference. Prior work introduced a probabilistic programming language, ProbZelus, to extend probabilistic programming functionality to unbounded streams of data. This work demonstrated that the delayed sampling inference algorithm could be extended to work in a streaming context. ProbZelus showed that while delayed sampling could be effectively deployed on some programs, depending on the probabilistic model under consideration, delayed sampling is not guaranteed to use a bounded amount of memory over the course of the execution of the program. In this paper, we the present conditions on a probabilistic program’s execution under which delayed sampling will execute in bounded memory. The two conditions are dataflow properties of the core operations of delayed sampling: the m -consumed property and the unseparated paths property . A program executes in bounded memory under delayed sampling if, and only if, it satisfies the m -consumed and unseparated paths properties. We propose a static analysis that abstracts over these properties to soundly ensure that any program that passes the analysis satisfies these properties, and thus executes in bounded memory under delayed sampling.

Sign in / Sign up

Export Citation Format

Share Document