Definition
We say that a program is typed when types have been assigned to the functions and data used by it, as well as constraints on which type of functions can access which types of data. A program is said to be strongly or weakly typed depending on the severity of the constraints. Type checking is the process of verifying type safety, that is, that the type constraints are satisfied.
Background
Type safety polices can range from simple to complex. Even the simplest policies can be helpful in preventing many common security flaws. Consider, for example the problem of buffer overflowvulnerabilities, in which the bounds of a buffer are not checked before it is written to. This oversight can result in the buffer overflowing, and the overflowed data being stored in a place where it can be executed. This is a common way of introducing...
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Recommended Reading
Volpano D, Smith G, Irvine C (1996) A sound type system for secure flow analysis. J Comput Sec 4(3):167–187
Sabelfeld A, Myers A (2003) Language-based information flow security. IEEE J Selected Areas Commun 21(1):5–19
Abadi M (1999) Secrecy by typing in security protocols. J ACM 46(5):749–786
Gordon AD, Jeffrey A (2003) Authenticity by typing for security protocols. J Comput Sec 11(4):451–520
Simonet V (2003) The Flow Caml System: documentation and user’s manual. Technical Report 0282, Institut National de Recherche en Informatique et en Automatique (INRIA)
Chong S, Myers A, Vikram K, Zheng L (2009) Jif reference manual. Cornell University. http://www.cs.cornell.edu/jif. Accessed Feb 2009
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this entry
Cite this entry
Meadows, C. (2011). Type Checking and Security. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_867
Download citation
DOI: https://doi.org/10.1007/978-1-4419-5906-5_867
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer ScienceReference Module Computer Science and Engineering