TC: Small: Collaborative Research: Securing Multilingual Software Systems

TC：小型：协作研究：保护多语言软件系统

• 批准号: 0915030
• 负责人: John Morrisett
• 金额: $ 21.51万
• 依托单位: Harvard University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-01 至 2013-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0915030&HistoricalAwards=false
• 关键词: TC; Small; Collaborative; Research; Securing

Most real software systems consist of modules developed inmultiple programming languages. Different languages differ in theirsecurity assumptions and guarantees. Consequently, even if singlemodules are secure in some language model and with respect to somesecurity policy, there is usually no uniform security guarantee on awhole multilingual system. This project focuses on low-overheadtechniques for providing security guarantees to software systems inwhich type-safe languages such as Java interoperate with native code.Native code is developed in low-level languages including C, C++, andassembly languages. Although often used in software projects, nativecode is notoriously insecure and is a rich source of securityvulnerabilities. The PIs are developing a two-layered approach toalleviating security threats posed by native code to type-safelanguages: (1) Binary rewriting tools and their verifiers are beingincorporated into the Java Virtual Machine (JVM) for rewriting andverifying native modules at the machine-instruction level to enforcesecurity policies; (2) A safe dialect of C for interoperation withJava is being designed; with the help of programmer annotations, thesafety of programs in this dialect can be statically verified. Theoutcome of this project will enable popular platforms such as the JVMand .NET and other major programming languages (e.g., Python, OCaml,etc.) to incorporate native modules safely. The developed principleswill also be applicable to web browsers and operating systems in whichthere is a need of extending them with untrusted low-level moduleswithout comprising host security.

大多数真实的软件系统都由用多种编程语言开发的模块组成。不同的语言在他们的安全假设和保证上有所不同。因此，即使单个模块在某些语言模型中是安全的，并且在某些安全策略方面是安全的，但在整个多语言系统中通常没有统一的安全保证。 本项目的重点是为Java等类型安全语言与本机代码互操作的软件系统提供安全保证的低开销技术。本机代码是用低级语言开发的，包括C、C++和汇编语言。 虽然经常在软件项目中使用，但nativecode是出了名的不安全，并且是安全漏洞的丰富来源。 PI正在开发一种两层的方法来减轻本地代码对类型安全语言构成的安全威胁：（1）二进制重写工具及其验证器正在被纳入Java虚拟机（JVM）中，用于在机器指令级重写和验证本地模块，以执行安全策略;（2）正在设计一种安全的C语言方言，用于与Java的互操作;在程序员注释的帮助下，可以静态地验证这种方言中的程序。 该项目的成果将使流行的平台，如JVM和.NET和其他主要的编程语言（例如，Python、OCaml等）安全地整合本地模块。 所开发的原则也将适用于Web浏览器和操作系统，其中需要在不包含主机安全性的情况下使用不可信的低级模块对其进行扩展。