TC: Small: Collaborative Research: Securing Multilingual Software Systems

TC：小型：协作研究：保护多语言软件系统

• 批准号: 0915157
• 负责人: Gang Tan
• 金额: $ 26.5万
• 依托单位: Lehigh University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-01 至 2013-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0915157&HistoricalAwards=false
• 关键词: TC; Small; Collaborative; Research; Securing

Most real software systems consist of modules developed inmultiple programming languages. Different languages differ in theirsecurity assumptions and guarantees. Consequently, even if singlemodules are secure in some language model and with respect to somesecurity policy, there is usually no uniform security guarantee on awhole multilingual system. This project focuses on low-overheadtechniques for providing security guarantees to software systems inwhich type-safe languages such as Java interoperate with native code.Native code is developed in low-level languages including C, C++, andassembly languages. Although often used in software projects, nativecode is notoriously insecure and is a rich source of securityvulnerabilities. The PIs are developing a two-layered approach toalleviating security threats posed by native code to type-safelanguages: (1) Binary rewriting tools and their verifiers are beingincorporated into the Java Virtual Machine (JVM) for rewriting andverifying native modules at the machine-instruction level to enforcesecurity policies; (2) A safe dialect of C for interoperation withJava is being designed; with the help of programmer annotations, thesafety of programs in this dialect can be statically verified. Theoutcome of this project will enable popular platforms such as the JVMand .NET and other major programming languages (e.g., Python, OCaml,etc.) to incorporate native modules safely. The developed principleswill also be applicable to web browsers and operating systems in whichthere is a need of extending them with untrusted low-level moduleswithout comprising host security.

大多数真正的软件系统由用多种编程语言开发的模块组成。不同的语言在安全假设和保证方面有所不同。因此，即使单个模块在某些语言模型和某些安全策略中是安全的，在整个多语言系统中通常也没有统一的安全保证。该项目关注于为软件系统提供安全保证的低开销技术，在这些系统中，类型安全语言（如Java）与本地代码进行互操作。本机代码是用C、c++和汇编语言等低级语言开发的。虽然经常在软件项目中使用，但本机代码是出了名的不安全，并且是安全漏洞的丰富来源。pi正在开发一种两层方法来减轻本机代码对类型安全语言构成的安全威胁：(1)二进制重写工具及其验证器被纳入Java虚拟机（JVM）中，用于在机器指令级别重写和验证本机模块，以强制执行安全策略；(2)正在设计一种与java互操作的C语言的安全方言；在程序员注释的帮助下，可以静态地验证使用这种方言的程序的安全性。这个项目的成果将支持流行的平台，比如jvm。. NET和其他主要编程语言（如Python、OCaml等），以安全地合并本地模块。开发的原则也将适用于web浏览器和操作系统，其中需要在不包含主机安全的情况下使用不受信任的低级模块扩展它们。