Objective It is alarming that the society's critical infrastructures are notfully prepared to meet the challenge of information security. Moderncomputing systems are increasingly extensible, inter-connected, andmobile. However, exactly these trends make systems more vulnerable toattacks. A particularly exposed infrastructure is the world-wide webinfrastructure, where allowing the mere possibility of fetching a webpage opens up opportunities for delivering potentially maliciousexecutable content past current security mechanisms such asfirewalls. A critical challenge is to secure the computinginfrastructures without losing the benefits of the trends.It is our firm belief that attacks will continue succeeding unless afundamental security solution, one that focuses on the security of theactual applications (code), is devised. To this end, we are convincedthat application-level security can be best enforced, *byconstruction*, at the level of programming languages.ProSecuToR will develop the technology of *programming language-basedsecurity* in order to secure computing infrastructures.Language-based security is an innovative approach for enforcingsecurity by construction. The project will deliver policies andenforcement mechanisms for protecting who can see and who can modifysensitive data. Security policies will be expressible by theprogrammer at the construction phase. We will devise a policyframework capable of expressing fine-grained application-levelsecurity policies. We will build practical enforcement mechanisms toenforce the policies for expressive languages. Enforcement mechanismswill be fully automatic, preventing dangerous programs from executingwhenever there is a possibility of compromising desired securityproperties. The practicality will be demonstrated by building robustweb applications. ProSecuToR is expected to lead to breakthroughs in*securing web mashups* and *end-to-end web application security*. Fields of science natural sciencescomputer and information sciencessoftwarenatural sciencescomputer and information sciencescomputer securitynetwork security Programme(s) FP7-IDEAS-ERC - Specific programme: "Ideas" implementing the Seventh Framework Programme of the European Community for research, technological development and demonstration activities (2007 to 2013) Topic(s) ERC-SG-PE6 - ERC Starting Grant - Computer science and informatics Call for proposal ERC-2012-StG_20111012 See other projects for this call Funding Scheme ERC-SG - ERC Starting Grant Coordinator CHALMERS TEKNISKA HOGSKOLA AB Address - 412 96 Goteborg Sweden See on map Region Södra Sverige Västsverige Västra Götalands län Activity type Higher or Secondary Education Establishments Principal investigator Andreas Sabelfeld (Prof.) Administrative Contact Sara Kanhede (Ms.) Links Contact the organisation Opens in new window Website Opens in new window EU contribution No data Beneficiaries (1) Sort alphabetically Sort by EU Contribution Expand all Collapse all CHALMERS TEKNISKA HOGSKOLA AB Sweden EU contribution € 1 500 000,00 Address - 412 96 Goteborg See on map Region Södra Sverige Västsverige Västra Götalands län Activity type Higher or Secondary Education Establishments Principal investigator Andreas Sabelfeld (Prof.) Administrative Contact Sara Kanhede (Ms.) Links Contact the organisation Opens in new window Website Opens in new window Other funding No data
