Change search
ReferencesLink to record
Permanent link

Direct link
Protecting Functional Programs From Low-Level Attackers
Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Division of Computing Science. Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Computing Science.
2016 (English)Doctoral thesis, monograph (Other academic)
Abstract [en]

Software systems are growing ever larger. Early software systems were singular units developed by small teams of programmers writing in the same programming language. Modern software systems, on the other hand, consist of numerous interoperating components written by different teams and in different programming languages. While this more modular and diversified approach to software development has enabled us to build ever larger and more complex software systems, it has, however, made it harder to ensure the reliability and security of software systems.

In this thesis we study and remedy the security flaws that arise when attempting to resolve the difference in abstractions between components written in high-level functional programming languages and components written in imperative low-level programming languages. High-level functional programming languages, treat computation as the evaluation of mathematical functions. Low-level imperative programming languages, on the contrary, provide programmers with features that enable them to directly interact with the underlying hardware. While these features help programmers write more efficient software, they also make it easy to write malware through techniques such as buffer overflows and return oriented programming.

Concretely, we develop new run-time approaches for protecting components written in functional programming languages from malicious components written in low-level programming languages by making using of an emerging memory isolation mechanism.This memory isolation mechanism is called the Protected Module Architecture (PMA). Informally, PMA isolates the code and data that reside within a certain area of memory by restricting access to that area based on the location of the program counter.

We develop these run-time protection techniques that make use of PMA for three important areas where components written in functional programming languages are threatened by malicious low-level components: foreign function interfaces, abstract machines and compilation. In everyone of these three areas, we formally prove that our run-time protection techniques are indeed secure. In addtion to that we also provide implementations of our ideas through a fully functional compiler and a well-performing abstract machine.

Place, publisher, year, edition, pages
Uppsala: Acta Universitatis Upsaliensis, 2016. , 206 p.
Uppsala Dissertations from the Faculty of Science and Technology, ISSN 1104-2516 ; 124
Keyword [en]
Security, Functional Programming, Compilation, Interoperation, Bisimulation, Memory Protection
National Category
Computer Science
Research subject
Computer Science
URN: urn:nbn:se:uu:diva-281318ISBN: 978-91-554-9573-2OAI: diva2:914078
Public defence
2016-06-10, ITC 1211, Lägerhyddsvägen 2, Uppsala, 13:30 (English)
Available from: 2016-05-19 Created: 2016-03-22 Last updated: 2016-06-01Bibliographically approved

Open Access in DiVA

fulltext(1340 kB)108 downloads
File information
File name FULLTEXT01.pdfFile size 1340 kBChecksum SHA-512
Type fulltextMimetype application/pdf
Buy this publication >>

Search in DiVA

By author/editor
Larmuseau, Adriaan
By organisation
Division of Computing ScienceComputing Science
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 108 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 479 hits
ReferencesLink to record
Permanent link

Direct link