Paper Info
Title
Jifclipse: development tools for security-typed languages
Abstract
Security-typed languages such as Jif require the programmer to label variables with information flow security policies as part of application development. The compiler then flags errors wherever information leaks may occur. Resolving these information leaks is a critical task in security-typed language application development. Unfortunately, because information flows can be quite subtle, simple error messages tend to be insufficient for finding and resolving the source of information leaks; more sophisticated development tools are needed for this task. To this end we provide a set of principles to guide the development of such tools. Furthermore, we implement a subset of these principles in an integrated development environment (IDE) for Jif, called Jifclipse, which is built on the Eclipse extensible development platform. Our plug-in provides a Jif programmer with additional tools to view hidden information generated by a Jif compilation, to suggest fixes for errors, and to get more specific information behind an error message. Better development tools are essential for making security-typed application development practical; Jifclipse is a first step in this process
Year
DOI
Venue
2007
10.1145/1255329.1255331
PLAS
Keywords
Field
DocType
sophisticated development tool,eclipse extensible development platform,information leak,integrated development environment,application development,information flow,security-typed language application development,security-typed application development,hidden information,better development tool,eclipse,security policy
Information flow (information theory),Programmer,Programming language,Computer science,Development environment,Compiler,Specific-information,Eclipse,Security policy,Extensibility
Conference
Citations 
PageRank 
References 
2
0.36
19
Authors
3
Name
Order
Citations
PageRank
Boniface Hicks117111.48
Dave King2834.89
P. McDaniel37174494.57