Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Programming Language Weaves Security Into Code

Posted by Soulskill on from the you-can't-goto-there-from-here dept.

Ponca City writes "Until now, computer security has been reactive. 'Our defenses improve only after they have been successfully penetrated,' says security expert Fred Schneider. But now Dr. Dobb's reports that researchers at Cornell are developing a programming platform called 'Fabric,' an extension to the Java language that builds security into a program as it is written. Fabric is designed to create secure systems for distributed computing, where many interconnected nodes — not all of them necessarily trustworthy — are involved, as in systems that move money around or maintain medical records. Everything in Fabric is an 'object' labeled with a set of policies on how and by whom data can be accessed and what operations can be performed on it. Even blocks of program code have built-in policies about when and where they can be run. The compiler enforces the security policies and will not allow the programmer to write insecure code (PDF). The initial release of Fabric is now available at the Cornell website."

2 of 216 comments (clear)

  1. Why isn't this code working? by ak_hepcat · · Score: 5, Insightful

    I -swear- i gave it the right permissions... well, i'll just turn on ALLOW:ANY and debug it..
    Hey, that works.. well, it probably won't hurt to leave that there... :rinse :repeat

    ** yeah, like that'd never happen...

    --
    Support FSF: Stop thinking with your wallet, and think with your imagination. (cc/non-commercial)
  2. Re:Tall statement by pixelpusher220 · · Score: 5, Insightful

    the old adage:

    Good, Fast, Cheap

    Pick any two.

    --
    People in cars cause accidents....accidents in cars cause people :-D