Secure Languages

Exploration of new secure language concepts and secure abstractions that can be applied in future languages to prevent vulnerabilities in code written in those languages.

Project Details

Secure Languages

Secure Languages

Exploration of new secure language concepts and secure abstractions that can be applied in future languages to prevent vulnerabilities in code written in those languages.

Project Overview

Today’s languages do not support our developers in writing secure code for the most common types of vulnerabilities, such as buffer errors, injection attacks, and information leaks. We are exploring secure language concepts and secure abstractions that can be applied in future languages to prevent these vulnerabilities. 

Key challenge

The secure language concepts we are exploring need to extend the boundaries across different languages used in cloud applications, as well as extend into the databases used by such applications.

How we meet that challenge

Why not introduce secure language concepts into a multi-lingual, database-backed, memory-safe runtime, while at the same time improve compiler information flow tracking? We are starting to work on enhanced compiler and runtime to support security abstractions in these runtime conditions while we keep track of interoperability across the multiple languages.