
Protection in Programming-Language Translations

  • Chapter
Secure Internet Programming

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1603))

Abstract

We discuss abstractions for protection and the correctness of their implementations. Relying on the concept of full abstraction, we consider two examples: (1) the translation of Java classes to an intermediate bytecode language, and (2) in the setting of the pi calculus, the implementation of private channels in terms of cryptographic operations.

This is a slightly revised version of a paper that appeared in Automata, Languages and Programming: 25th International Colloquium, ICALP’98, Springer-Verlag, July 1998.




Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

Cite this chapter

Abadi, M. (1999). Protection in Programming-Language Translations. In: Vitek, J., Jensen, C.D. (eds) Secure Internet Programming. Lecture Notes in Computer Science, vol 1603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48749-2_2


  • DOI: https://doi.org/10.1007/3-540-48749-2_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-66130-6

  • Online ISBN: 978-3-540-48749-4
