Short Paper: Weak Runtime-Irrelevant Typing for Security
Pages 13 - 17
Abstract
Types indexed with extra type-level information are a powerful tool for statically enforcing domain-specific security properties. In many cases, this extra information is runtime-irrelevant, and so it can be completely erased at compile-time without degrading the performance of the compiled code. In practice, however, the added bureaucracy often disrupts the development process, as programmers must completely adhere to new complex constraints in order to even compile their code.
In this work we present WRIT, a plugin for the GHC Haskell compiler that relaxes the type checking process in the presence of runtime-irrelevant constraints. In particular, WRIT can automatically coerce between runtime equivalent types, allowing users to run programs even in the presence of some classes of type errors. This allows us to gradually secure our code while still being able to compile at each step, separating security concerns from functional correctness.
Moreover, we present a novel way to specify which types should be considered equivalent for the purpose of allowing the program to run, how ambiguity at the type level should be resolved and which constraints can be safely ignored and turned into warnings.
References
[1]
Jan Bracker and Andy Gill. 2014. Sunroof: A Monadic DSL for Generating JavaScript. In Proceedings of the 16th International Symposium on Practical Aspects of Declarative Languages - Volume 8324 (San Diego, CA, USA) (PADL 2014). Springer-Verlag, Berlin, Heidelberg, 65--80. https://doi.org/10.1007/978--3--319-04132--2_5
[2]
Joachim Breitner, Richard A. Eisenberg, Simon Peyton Jones, and Stephanie Weirich. 2014. Safe Zero-Cost Coercions for Haskell. In Proceedings of the 19th ACM SIGPLAN International Conference on Functional Programming (Gothenburg, Sweden) (ICFP '14). Association for Computing Machinery, New York, NY, USA, 189--202. https://doi.org/10.1145/2628136.2628141
[3]
James Cheney and Ralf Hinze. 2003. Phantom types. Technical Report. Cornell University.
[4]
Iavor S. Diatchki. 2015. Improving Haskell Types with SMT. In Proceedings of the 2015 ACM SIGPLAN Symposium on Haskell (Vancouver, BC, Canada) (Haskell '15). Association for Computing Machinery, New York, NY, USA, 1--10. https://doi.org/10.1145/2804302.2804307
[5]
Matth'ias Páll Gissurarson. 2018. Suggesting Valid Hole Fits for Typed-Holes (Experience Report). In Proceedings of the 11th ACM SIGPLAN International Symposium on Haskell (St. Louis, MO, USA) (Haskell 2018). Association for Computing Machinery, New York, NY, USA, 179--185. https://doi.org/10.1145/3242744.3242760
[6]
Cordelia V. Hall, Kevin Hammond, Simon L. Peyton Jones, and Philip L. Wadler. 1996. Type Classes in Haskell. ACM Trans. Program. Lang. Syst., Vol. 18, 2 (March 1996), 109--138. https://doi.org/10.1145/227699.227700
[7]
Simon Peyton Jones, Mark Jones, and Erik Meijer. 1997. Type classes: an exploration of the design space. In Haskell workshop. 1--16.
[8]
Daan Leijen and Erik Meijer. 2000. Domain Specific Embedded Compilers. In Proceedings of the 2nd Conference on Domain-Specific Languages (Austin, Texas, USA) (DSL '99). Association for Computing Machinery, New York, NY, USA, 109--122. https://doi.org/10.1145/331960.331977
[9]
Geoffrey Mainland and Greg Morrisett. 2010. Nikola: Embedding Compiled GPU Functions in Haskell. In Proceedings of the Third ACM Haskell Symposium on Haskell (Baltimore, Maryland, USA) (Haskell '10). Association for Computing Machinery, New York, NY, USA, 67--78. https://doi.org/10.1145/1863523.1863533
[10]
Divesh Otwani and Richard A. Eisenberg. 2018. The Thoralf Plugin: For Your Fancy Type Needs. In Proceedings of the 11th ACM SIGPLAN International Symposium on Haskell (St. Louis, MO, USA) (Haskell 2018). Association for Computing Machinery, New York, NY, USA, 106--118. https://doi.org/10.1145/3242744.3242754
[11]
John Peterson. 1993. Dynamic typing in Haskell. Technical Report. Technical Report YALEU/DCS/RR-1022, Yale University, Department of Computer Science.
[12]
Riccardo Pucella and Jesse A. Tov. 2008. Haskell Session Types with (Almost) No Class. In Proceedings of the First ACM SIGPLAN Symposium on Haskell (Victoria, BC, Canada) (Haskell '08). Association for Computing Machinery, New York, NY, USA, 25--36. https://doi.org/10.1145/1411286.1411290
[13]
Alejandro Russo. 2015. Functional Pearl: Two Can Keep a Secret, If One of Them Uses Haskell. In Proceedings of the 20th ACM SIGPLAN International Conference on Functional Programming (Vancouver, BC, Canada) (ICFP '15). Association for Computing Machinery, New York, NY, USA, 280--288. https://doi.org/10.1145/2784731.2784756
[14]
Tom Schrijvers, Simon Peyton Jones, Manuel Chakravarty, and Martin Sulzmann. 2008. Type Checking with Open Type Functions. In Proceedings of the 13th ACM SIGPLAN International Conference on Functional Programming (Victoria, BC, Canada) (ICFP '08). Association for Computing Machinery, New York, NY, USA, 51--62. https://doi.org/10.1145/1411204.1411215
[15]
Alejandro Serrano and Jurriaan Hage. 2017. Type Error Customization in GHC: Controlling Expression-Level Type Errors by Type-Level Programming. In Proceedings of the 29th Symposium on the Implementation and Application of Functional Programming Languages (Bristol, United Kingdom) (IFL 2017). Association for Computing Machinery, New York, NY, USA, Article 2, bibinfonumpages15 pages. https://doi.org/10.1145/3205368.3205370
[16]
Deian Stefan, David Mazières, John C. Mitchell, and Alejandro Russo. 2016. Flexible dynamic information flow control in the presence of exceptions. Journal of Functional Programming, Vol. 27 (2016), e5. https://doi.org/10.1017/S0956796816000241
[17]
GHC Team. 2020. The ghc-8.10.1 library Constraint module . https://hackage.haskell.org/package/ghc-8.10.1/docs/src/Constraint.html Retrieved August 18, 2020 from
[18]
Mat'ias Toro, Ronald Garcia, and Éric Tanter. 2018. Type-Driven Gradual Security with References. ACM Trans. Program. Lang. Syst., Vol. 40, 4, Article 16 (Dec. 2018), bibinfonumpages55 pages. https://doi.org/10.1145/3229061
[19]
Dimitrios Vytiniotis, Simon Peyton jones, Tom Schrijvers, and Martin Sulzmann. 2011. Outsidein(x) Modular Type Inference with Local Assumptions. J. Funct. Program, Vol. 21, 4--5 (Sept. 2011), 333--412. https://doi.org/10.1017/S0956796811000098
[20]
Brent A. Yorgey, Stephanie Weirich, Julien Cretin, Simon Peyton Jones, Dimitrios Vytiniotis, and José Pedro Magalh aes. 2012. Giving Haskell a Promotion. In Proceedings of the 8th ACM SIGPLAN Workshop on Types in Language Design and Implementation (TLDI '12). Association for Computing Machinery, New York, NY, USA, 53--66.
Index Terms
- Short Paper: Weak Runtime-Irrelevant Typing for Security
Recommendations
Typing dynamic typing
Even when programming in a statically typed language we every now and then encounter statically untypable values; such values result from interpreting values or from communicating with the outside world. To cope with this problem most languages include ...
Typing dynamic typing
ICFP '02: Proceedings of the seventh ACM SIGPLAN international conference on Functional programmingEven when programming in a statically typed language we every now and then encounter statically untypable values; such values result from interpreting values or from communicating with the outside world. To cope with this problem most languages include ...
Gradual typing embedded securely in JavaScript
POPL '14JavaScript's flexible semantics makes writing correct code hard and writing secure code extremely difficult. To address the former problem, various forms of gradual typing have been proposed, such as Closure and TypeScript. However, supporting all ...
Comments
Information & Contributors
Information
Published In
November 2020
46 pages
Copyright © 2020 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 09 November 2020
Check for updates
Author Tags
Qualifiers
- Short-paper
Funding Sources
- Knut och Alice Wallenbergs Stiftelse
- Stiftelsen för Strategisk Forskning
Conference
CCS '20
Sponsor:
CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security
November 13, 2020
Virtual Event, USA
Acceptance Rates
Overall Acceptance Rate 43 of 77 submissions, 56%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 43Total Downloads
- Downloads (Last 12 months)5
- Downloads (Last 6 weeks)2
Reflects downloads up to 15 Sep 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in