- Subtitle:
- Mechanised Coq proofs and analysis source code supporting thesis
- Abstract:
-
Web applications written in JavaScript are regularly used for dealing with sensitive or personal data. Consequently, reasoning about their security properties has become an important problem, which is made very difficult by the highly dynamic nature of the language, particularly its support for runtime code generation via eval. In order to deal with this, we propose to investigate security analyses for languages with more principled forms of dynamic code generation. To this end, we...
Expand abstract - Files:
-
-
(gz, 6.0mb)
-
-
Version unsuitable
-
We have not obtained a suitable full-text for a given research output. See this page for more information.
-
Recently completed
-
Sometimes content is held in ORA but is unavailable for a fixed period of time to comply with the policies and wishes of rights holders.
-
Permissions
-
All content made available in ORA should comply with relevant rights, such as copyright. See this page for more information.
-
Clearance
-
Some thesis volumes scanned as part of the digitisation scheme funded by Dr Leonard Polonsky are currently unavailable due to sensitive material or uncleared third-party copyright content. We are attempting to contact authors whose theses are affected.
- Department:
- Department of Computer Science, University of Oxford
- Role:
- Researcher
- Publisher:
- University of Oxford
- Publication date:
- 2015
- DOI:
- Keywords:
- Subjects:
- Format:
- Digital
- Documentation:
-
This gzip-compressed tar archive contains files supporting a paper on information flow analysis for a JavaScript-like language, focusing on how to handle eval.<br/><br/> The focus of the paper is an automated program analysis for this language. The directory demo1 contains an implementation of this analysis in OCaml. Mechanised Coq proofs of the correctness of the analysis are in the directories coq-cfa and coq-if. Finally, demo2 contains an OCaml implementation of a transformation on progra... Expand documentation
- Copyright date:
- 2015
Dataset
Verifying information flow and metaprogramming in dynamically typed languages
Actions
Access Document
Why is the content I wish to access not available via ORA?
Bibliographic data (the information relating to research outputs) and full-text items (e.g. articles, theses, reports, etc.) arrive in ORA from several different sources. Unfortunately we are not able to make available the full-text for every research output.
Please contact the ORA team (
) if you have queries regarding unavailable content OR if you are aware of a full-text copy we can make available.
) if you have queries regarding unavailable content OR if you are aware of a full-text copy we can make available.
Content may be unavailable for the following four reasons
Alternative access to the full-text
You may be able to access the full-text directly from the publisher's website using the 'Publisher Copy' link in the 'Links & Downloads' box from a research output's ORA record page. This method may require an institutional or individual subscription to the journal/resource.
Authors
Contributors
+ Max Schäfer
Bibliographic Details
Item Description
Related Items
Terms of use
Metrics
Altmetrics
Dimensions
If you are the owner of this record, you can report an update to it here: Report update to this record