Secure Languages
Exploration of new secure language concepts and secure abstractions that can be applied in future languages to prevent vulnerabilities in code written in those languages.
Secure Languages
Secure Languages
Exploration of new secure language concepts and secure abstractions that can be applied in future languages to prevent vulnerabilities in code written in those languages.
Project Overview
Today’s languages do not support our developers in writing secure code for the most common types of vulnerabilities, such as buffer errors, injection attacks, and information leaks. We are exploring secure language concepts and secure abstractions that can be applied in future languages to prevent these vulnerabilities.
Key challenge
The secure language concepts we are exploring need to extend the boundaries across different languages used in cloud applications, as well as extend into the databases used by such applications.
How we meet that challenge
Why not introduce secure language concepts into a multi-lingual, database-backed, memory-safe runtime, while at the same time improve compiler information flow tracking? We are starting to work on enhanced compiler and runtime to support security abstractions in these runtime conditions while we keep track of interoperability across the multiple languages.