Slashdot Mirror


New Programming Language Weaves Security Into Code

Ponca City writes "Until now, computer security has been reactive. 'Our defenses improve only after they have been successfully penetrated,' says security expert Fred Schneider. But now Dr. Dobb's reports that researchers at Cornell are developing a programming platform called 'Fabric,' an extension to the Java language that builds security into a program as it is written. Fabric is designed to create secure systems for distributed computing, where many interconnected nodes — not all of them necessarily trustworthy — are involved, as in systems that move money around or maintain medical records. Everything in Fabric is an 'object' labeled with a set of policies on how and by whom data can be accessed and what operations can be performed on it. Even blocks of program code have built-in policies about when and where they can be run. The compiler enforces the security policies and will not allow the programmer to write insecure code (PDF). The initial release of Fabric is now available at the Cornell website."

12 of 216 comments

  1. beat this by heptapod · · Score: 4, Funny

    10 intpray "ellohay orldway"
    20 otogay 10

    For extra encryption use rot-13.

  2. Why isn't this code working? by ak_hepcat · · Score: 5, Insightful

    I -swear- I gave it the right permissions... well, I'll just turn on ALLOW:ANY and debug it..
    Hey, that works.. well, it probably won't hurt to leave that there... :rinse :repeat

    ** yeah, like that'd never happen...

    --
    Support FSF: Stop thinking with your wallet, and think with your imagination. (cc/non-commercial)
    1. Re:Why isn't this code working? by Anonymous Coward · · Score: 4, Funny

      I have a similar piece of code, give me the number and I'll check it against mine.

  3. I don't see it working for long. by Jason Pollock · · Score: 4, Insightful

    As experience teaches us, the first thing that people who need to share do is "chmod -R a+rwx ."

    So, any security which requires signing of code to run will become looser and looser over time as problems are encountered. That bug is causing problems in production and it takes a week to validate and sign it? Loosen the validation to get it to 15mins, or turn it off completely.

  4. Re:Tall statement by Anonymous Coward · · Score: 4, Insightful

    Secure software development takes longer to develop. That is the primary reason it is not widely practiced. Unless this new language makes secure programming as quick as unsecure programming, then corners are always going to be cut and security will suffer.

  5. Re:Tall statement by h4rm0ny · · Score: 4, Insightful

    it's deemed insecure due to their constraints - even though I've handled security in a different section.

    Yep - sounds like more bloat to me. In ten years' time, we're going to be running our software on hardware five times as powerful as that which we use today and the software will do the same things it does today no faster.

    And then some old person will implement an email client in C using only the oldest and slimmest of libraries and everybody's heads will explode with shock at the speed of it.

    --

    Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
  6. Re:Tall statement by pixelpusher220 · · Score: 5, Insightful

    the old adage:

    Good, Fast, Cheap

    Pick any two.

    --
    People in cars cause accidents....accidents in cars cause people :-D
  7. Re:Tall statement by Raenex · · Score: 4, Funny

    Because trying to force everybody to use Ada worked so well...

  8. Re:Instead of a new language... by shutdown -p now · · Score: 4, Funny

    Ada if it compiled successfully, the program often ran.

    Well, that's not such an impressive achievement, given that Perl would often happily run something that you wouldn't ever think could compile.

    The problem is to make sure that, when it runs, it does what the person who wrote the code intended it to do...

  9. Re:Tall statement by Sulphur · · Score: 4, Funny

    Give me TP for my security hole!

    Turbo Pascal?

  10. Snakeoil by A beautiful mind · · Score: 5, Interesting

    The language is either not Turing complete and then mostly useless for practical general computing, or it is Turing complete and then it provides no real security.

    It might avoid some class of problems, but it will never free a programmer from having to clarify his/her intentions. Security is an abstraction-level free problem, meaning that it equally can be an issue at the x86_64 instruction set level and also at the level of high level contractual/social agreements that code has to handle.

    As Bruce Schneier said long ago: Security is not a product; it's a process.

    Security is also a tradeoff between a system being secure and usable. You can make things more secure by allowing a system to do less. I'm not saying that this new programming language is useless, but it all comes down to a careful description of the language. If the creators advocate it as a secure programming language that makes code written in it secure by default, then they are almost certainly wrong and will quickly become a laughingstock. On the other hand, if they market it as a language that avoids or makes it impossible to commit certain classes of security problems, as a language that pays attention to its core code for security issues and as a language that makes it clear security is a mindset, then I see it being useful.

    --
    It takes a man to suffer ignorance and smile
    Be yourself no matter what they say
  11. A secure language by ignavus · · Score: 4, Funny

    "Hello, wo..."

    "ACCESS DENIED - world does not accept greetings from unknown source."

    --
    I am anarch of all I survey.