MozillaWiki

Security:Bibliography: Difference between revisions

Page Discussion

Security:Bibliography (view source)

Revision as of 19:10, 3 August 2006

45 bytes added ,  3 August 2006
→‎People
Line 17: Line 17:
[[http://www.cs.cornell.edu/andru/ Andrew Myers]], my old pal from SGI days, is a prof at Cornell who has done wonderful work in this area, going back to his thesis at MIT, [[http://www.cs.cornell.edu/andru/release/tr783.ps.gz JFlow]].  See http://www.cs.cornell.edu/andru/pubs-topic.html for his publications.  His slides from this year's PLDI nicely summarize the problem-space we face: [[http://www.cs.cornell.edu/andru/pldi06-tutorial Expressing and Enforcing Security with Programming Languages]].
[[http://www.cs.cornell.edu/andru/ Andrew Myers]], my old pal from SGI days, is a prof at Cornell who has done wonderful work in this area, going back to his thesis at MIT, [[http://www.cs.cornell.edu/andru/release/tr783.ps.gz JFlow]].  See http://www.cs.cornell.edu/andru/pubs-topic.html for his publications.  His slides from this year's PLDI nicely summarize the problem-space we face: [[http://www.cs.cornell.edu/andru/pldi06-tutorial Expressing and Enforcing Security with Programming Languages]].


Vincent Simonet and the fine folks at INRIA behind OCaml have given the world [[http://cristal.inria.fr/~simonet/soft/flowcaml/ FlowCaml]]. Since JS and the other browser-based programming languages are not statically typed, FlowCaml may not seem useful, but with JS2 (ECMAScript Edition 4), we will have type annotations and the option of a static type checker.  The JS2 type system won't support Hindley-Milner type inference, but we anticipate using both types and static checking in Mozilla code, and we should aspire to realize both optimization and security wins from the new type system.
Vincent Simonet and the fine folks at INRIA behind OCaml have given the world [[http://cristal.inria.fr/~simonet/soft/flowcaml/ FlowCaml]], OCaml with an information flow type system.
 
Since JS and the other browser-hosted programming languages are not statically typed, FlowCaml may not seem useful, but with JS2 (ECMAScript Edition 4), we will have type annotations and the option of a static type checker.  The JS2 type system won't support Hindley-Milner type inference, but we anticipate using both types and static checking in Mozilla code, and we should aspire to realize both optimization and security wins from the new type system.


=== Papers ===
=== Papers ===


[Under construction, see links above]
[Under construction, see links above]
Brendan
Confirmed users, Bureaucrats and Sysops emeriti
419

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/30594"