Juan Chen and Nikhil Swamy: FINE, Functional Programming for End-to-End Security Verification

Sign in to queue

Description

Juan Chen and Nikhil Swamy, two researchers at the Research in Software Engineering group, present FINE, a new programming language for .NET.

Software systems are governed by increasingly complex security policies. Ensuring that a system properly enforces its policy is hard. FINE is a new programming language (similar to F#) whose type system can be used to check that rich, stateful authorization and information flow policies are properly enforced. FINE is compiled to DCIL, a new minimal extension of .NET CIL. Our compiler carries type information throughout and allows DCIL programs to be verified independently for security.

In this video, Juan an Nikhil give the big picture and a shiny demo of FINE.

 The Research in Software Engineering team (RiSE) coordinates Microsoft's research in Software Engineering in Redmond, USA.

Embed

Download

Download this episode

The Discussion

  • User profile image
    contextfree

    Sounds interesting -- will watch later ...

  • User profile image
    Tom Lokhorst

    Interesting!

     

    The type of fread looks a bit like a dependent type. Since the third type depends on the value of the first argument. Although, since u is only used in the predicate part of the "type", that might not be true.

     

    Is FINE depedently typed?

  • User profile image
    nswamy

    Yes, Fine is dependently typed. In fact, we have dependent refinements: types like {x:t | phi}, where the formula phi is a type that can contain values from the term language. We also have value indexed types like cred < u > in the example of fread from the video, where u is a value. And, we also have affine types which allow us to model stateful programs. Incidentally, we chose the name "Fine" in part because of the afFINE and reFINEment typing constructs. 

     

    Check out our papers at research.microsoft.com/fine for more details. 

Add Your 2 Cents