Visible to the public A Language and Framework for Development of Secure Mobile Applications – July 2014

Submitted by mdereno on Mon, 06/23/2014 - 4:04pm

Public Audience
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

PI(s): Jonathan Aldrich (CMU), Josh Sunshine (CMU)

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

  1. Scalability and composability
  2. Human behavior

PUBLICATIONS
Report papers written as a results of this research. If accepted by or submitted to a journal, which journal. If presented at a conference, which conference.

  • Cyrus Omar, Darya Kurilova, Ligia Nistor, Benjamin Chung, Alex Potanin, and Jonathan Aldrich. Safely Composable Type-Specific Languages. To appear in proceedings of the European Conference on Object-Oriented Programming, 2014.
  • Joshua Sunshine, James D. Herbsleb, and Jonathan Aldrich. Structuring Documentation to Support State Search: A Laboratory Experiment about Protocol Programming. To appear in proceedings of the European Conference on Object-Oriented Programming, 2014.
  • Michael Maass, Bill Scherlis, and Jonathan Aldrich. In-Nimbo Sandboxing. To appear in proceedings of HotSOS, 2014.
  • Jonathan Aldrich. The Power of Interoperability: Why Objects Are Inevitable. In Onward! Essays, 2013.
  • Cyrus Omar, Benjamin Chung, Darya Kurilova, Alex Potanin, and Jonathan Aldrich. Type-Directed, Whitespace-Delimited Parsing for Embedded DSLs. Proceedings of the International Workshop on the Globalization of Domain Specific Languages (GlobalDSL), 2013.
  • Ligia Nistor, Darya Kurilova, Stephanie Balzer, Benjamin Chung, Alex Potanin, and Jonathan Aldrich. Wyvern: A Simple, Typed, and Pure Object-Oriented Language. Proceedings of the Workshop on Mechanisms for Specialization, Generalization, and Inheritance (MASPEGHI), 2013.
  • Blase Ur, Patrick Gage Kelley, Saranga Komanduri, Joel Lee, Michael Maass, Michelle Mazurek, Timothy Passaro, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation. Proceedings of the 21st USENIX Security Symposium. (Revised version to appear in the "USENIX;login:" magazine)
  • Simin Chen. Declarative Access Policies based on Objects, Relationships, and States. Proceedings of the SPLASH 2012 Student Research Competition.
  • Nathan Fulton. Domain Specific Security through Extensible Type Systems. Proceedings of the SPLASH 2012 Student Research Competition.

HIGHLIGHTS
* We developed a formal system for safely composing separately defined type system fragments with modular type constructors. We establish several strong semantic guarantees, notably type safety, stability of typing under extension and conservativity: that the type invariants that a finite set of fragments maintain are conserved under extension. This work was submitted to POPL.

Groups: