Skip to main content
European Commission logo
español español
CORDIS - Resultados de investigaciones de la UE
CORDIS
CORDIS Web 30th anniversary CORDIS Web 30th anniversary
Contenido archivado el 2024-06-18

Programming Language-Based Security To Rescue

Objetivo

It is alarming that the society's critical infrastructures are not
fully prepared to meet the challenge of information security. Modern
computing systems are increasingly extensible, inter-connected, and
mobile. However, exactly these trends make systems more vulnerable to
attacks. A particularly exposed infrastructure is the world-wide web
infrastructure, where allowing the mere possibility of fetching a web
page opens up opportunities for delivering potentially malicious
executable content past current security mechanisms such as
firewalls. A critical challenge is to secure the computing
infrastructures without losing the benefits of the trends.

It is our firm belief that attacks will continue succeeding unless a
fundamental security solution, one that focuses on the security of the
actual applications (code), is devised. To this end, we are convinced
that application-level security can be best enforced, *by
construction*, at the level of programming languages.

ProSecuToR will develop the technology of *programming language-based
security* in order to secure computing infrastructures.
Language-based security is an innovative approach for enforcing
security by construction. The project will deliver policies and
enforcement mechanisms for protecting who can see and who can modify
sensitive data. Security policies will be expressible by the
programmer at the construction phase. We will devise a policy
framework capable of expressing fine-grained application-level
security policies. We will build practical enforcement mechanisms to
enforce the policies for expressive languages. Enforcement mechanisms
will be fully automatic, preventing dangerous programs from executing
whenever there is a possibility of compromising desired security
properties. The practicality will be demonstrated by building robust
web applications. ProSecuToR is expected to lead to breakthroughs in
*securing web mashups* and *end-to-end web application security*.

Convocatoria de propuestas

ERC-2012-StG_20111012
Consulte otros proyectos de esta convocatoria

Régimen de financiación

ERC-SG - ERC Starting Grant

Institución de acogida

CHALMERS TEKNISKA HOGSKOLA AB
Aportación de la UE
€ 1 500 000,00
Dirección
-
412 96 GOTEBORG
Suecia

Ver en el mapa

Región
Södra Sverige Västsverige Västra Götalands län
Tipo de actividad
Higher or Secondary Education Establishments
Investigador principal
Andreas Sabelfeld (Prof.)
Contacto administrativo
Sara Kanhede (Ms.)
Enlaces
Coste total
Sin datos

Beneficiarios (1)