Accountable Information Flow for Java-Based Web Applications

Abstract

To enforce accountability of information in web applications, it is necessary to track and control information flows. Information flow control ensures that information affected by some source can be attributed to that source. This research explored new ways to control information flow in web applications by extending prior work on the JIF programming language. Several technical innovations made it possible to apply language-based information flow control in every tier of a web application: at the application server (in the SIF system), at the web browser (in the Swift system), and in the persistent store (in the Fabric system). Several peer-reviewed publications were produced, some appearing in highly competitive publication venues. In addition, most of the software produced under the auspices of this project, including the SIF and Swift systems, has been publicly released, along with manuals and tutorials explaining how to use them to build web applications.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2010
Accession Number
ADA514068

Entities

People

  • Andrew Myers

Organizations

  • Cornell University

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Computer Program Documentation
  • Computer Programming
  • Computer Programs
  • Computers
  • Databases
  • Domain Specific Programming Languages
  • Graphical User Interface
  • Hypervelocity Flow
  • Information Exchange
  • Language
  • Network Protocols
  • Object Code
  • Programming Languages
  • User Interface
  • Web Applications
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Database Systems and Applications