The SOL group at the University of Pennsylvania develops programming-language technology for improving software security. Specifically, we've been working on programming languages that allow programmers to specify advanced information-flow and access control security policies on data manipulated by the software.
- AURA - A language with authorization and audit
- Apollo - An experimental programming language for expressive information-flow security policies.
- Fjavac - A Java 5 compiler implemented in the functional language OCaml.
- Flowarrow - Example code for creating secure embedded languages in Haskell.
Manifest Security at U. Penn. and CMU
The Grey Project at CMU.
SELinks at U. Maryland, College Park
Jif at Cornell University.
FlowCaml at INRIA.
Polymer at Princeton.
Cryptyc at DePaul University.
Funding:This research has been supported in part by the following grants. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.
- NSF CCR-0311204: Dynamic Security Policies
- NSF CNS-0346939: CAREER: Language-based Distributed System Security
- NSF CNS-0524059: Resource-guided Implementation of Secure Embedded Software
- NSF CCF-0524035: Flexible, Decentralized Infomation-flow Control for Dynamic Environments
- NSF CCF-0716469: Manifest Security
- ONR: TIME-DC