Skip to main content
SpringerLink
Log in

Type Checking and Security

  • Reference work entry
Encyclopedia of Cryptography and Security

  • 171 Accesses

Related Concepts

Buffer Overflow; Covert Channels; Cryptographic Protocol Verification; Information Flow; Program Verification; Static Analysis

Definition

We say that a program is typed when types have been assigned to the functions and data used by it, as well as constraints on which type of functions can access which types of data. A program is said to be strongly or weakly typed depending on the severity of the constraints. Type checking is the process of verifying type safety, that is, that the type constraints are satisfied.

Background

Type safety polices can range from simple to complex. Even the simplest policies can be helpful in preventing many common security flaws. Consider, for example the problem of buffer overflowvulnerabilities, in which the bounds of a buffer are not checked before it is written to. This oversight can result in the buffer overflowing, and the overflowed data being stored in a place where it can be executed. This is a common way of introducing...

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 799.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 949.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Recommended Reading

  1. Volpano D, Smith G, Irvine C (1996) A sound type system for secure flow analysis. J Comput Sec 4(3):167–187

    Google Scholar 

  2. Sabelfeld A, Myers A (2003) Language-based information flow security. IEEE J Selected Areas Commun 21(1):5–19

    Article  Google Scholar 

  3. Abadi M (1999) Secrecy by typing in security protocols. J ACM 46(5):749–786

    Article  MATH  MathSciNet  Google Scholar 

  4. Gordon AD, Jeffrey A (2003) Authenticity by typing for security protocols. J Comput Sec 11(4):451–520

    Google Scholar 

  5. Simonet V (2003) The Flow Caml System: documentation and user’s manual. Technical Report 0282, Institut National de Recherche en Informatique et en Automatique (INRIA)

    Google Scholar 

  6. Chong S, Myers A, Vikram K, Zheng L (2009) Jif reference manual. Cornell University. http://www.cs.cornell.edu/jif. Accessed Feb 2009

Download references

Author information

Authors and Affiliations

  1. U.S. Naval Research Laboratory, 4555 Overlook Ave., SW, 20375, Washington, DC, USA

    Catherine Meadows Dr.

Authors
  1. Catherine Meadows Dr.
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Mathematics and Computing Science, Eindhoven University of Technology, 5600 MB, Eindhoven, The Netherlands

    Henk C. A. van Tilborg

  2. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030-4422, USA

    Sushil Jajodia

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer Science+Business Media, LLC

About this entry

Cite this entry

Meadows, C. (2011). Type Checking and Security. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_867

Download citation

Publish with us

Policies and ethics

Search

Navigation