It is my pleasure to present this proceedings of the 2nd ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS 2007), which took place on June 14, 2007 in San Diego, California, USA. The workshop was held as part of ACM's Federated Computing Research Conference (FCRC), as a satellite event of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2007).
The call for papers solicited submissions of three kinds: full-length technical papers for relatively mature work; short papers for less detailed or more preliminary work; and proposals for informal presentations to be given at the workshop but not to appear in the proceedings. The last category was designed to support the discussion of important and promising ideas at the workshop, even if the ideas were not yet ready for formal publication. Papers submitted to one category could be accepted in a different category at the program committee's discretion.
We received 28 submissions from researchers at locations around the world. The submissions were comprised of 19 full-length papers, 6 short papers, and 3 informal presentations. One full paper was withdrawn prior to being reviewed. The committee ultimately accepted 10 full-length papers, 3 short papers, and 1 informal presentation. The submitted papers encompassed a variety of topics, including: inferring and enforcing information flow properties in programming languages, statically analyzing software for security vulnerabilities, specifying and enforcing security policies in software, intrusion detection, and models of declassification. Many committee members commented to me on the high quality of the papers we received. I am confident you will be impressed with the strength of the final program contained within these pages.
Proceeding Downloads
Jifclipse: development tools for security-typed languages
Security-typed languages such as Jif require the programmer to label variables with information flow security policies as part of application development. The compiler then flags errors wherever information leaks may occur. Resolving these information ...
Improving usability of information flow security in Java
This paper focuses on improving the usability of information flow type systems. We present a static information flow type inference system for Middleweight Java (MJ) which automatically infers information flow labels, thus avoiding the need for a ...
A domain-specific programming language for secure multiparty computation
We present a domain-specific programming language for Secure Multiparty Computation (SMC). Information is a resource of vital importance and considerable economic value to individuals, public administration, and private companies. This means that the ...
Quantitative analysis of leakage for multi-threaded programs
We present a quantitative analysis of information flow for a multi-threaded language based on a probabilistic scheduler. The analysis consists of two steps. First, multi-threaded programs are translated into single-thread looping programs with a ...
A simulation-based proof technique for dynamic information flow
Information-flow analysis can prevent programs from improperly revealing secret information, and a dynamic approach can make such analysis more practical, but there has been relatively little work verifying that such analyses are sound (account for all ...
Cautious virus detection in the extreme
It is well known that there exist viruses whose set of infected programs is undecidable. If a virus detector is to err on the side of caution with respect to such a virus, then it must label some perfectly innocent programs as being infected by the ...
Localized delimited release: combining the what and where dimensions of information release
Information release (or declassification) policies are the key challenge for language-based information security. Although much progress has been made, different approaches to information release tend to address different aspects of information release. ...
Towards a logical account of declassification
Declassification is a vital ingredient for practical use of secure systems. Several recent efforts to formulate an end-to-end policy for declassification seem inconclusive and have focused on apparently different aspects. (e.g., what values are involved,...
Fast probabilistic simulation, nontermination, and secure information flow
In secure information flow analysis, the classic Denning restrictions allow a program's termination to be affected by the values of its H variables, resulting in potential information leaks. In an effort to quantify such leaks, in this work we study a ...
Large-scale analysis of format string vulnerabilities in Debian Linux
Format-string bugs are a relatively common security vulnerability, and can lead to arbitrary code execution. In collaboration with others, we designed and implemented a system to eliminate format string vulnerabilities from an entire Linux distribution, ...
Guarded models for intrusion detection
Host-based intrusion detection systems that monitor an application execution and report any deviation from its statically built model have seen tremendous progress in recent years. However, the weakness of these systems is that they often rely on overly ...
Using web application construction frameworks to protect against code injection attacks
In recent years, the security landscape has changed, with Web application vulnerabilities becoming more prominent than vulnerabilities stemming from the lack of type safety, such as buffer overruns. Many reports point to code injection attacks such as ...
ABASH: finding bugs in bash scripts
This paper describes the design and implementation of ABASH, a tool for statically analyzing programs written in the bash scripting language. Although it makes no formal guarantees against missed errors or spurious warnings (largely due to the highly ...