Policy-Agnostic Programming for Database-Backed Applications

  • Date: 6/06/2017
  • Location: Inria de Paris, 2 rue Simone Iff, Room Jacques-Louis Lions 2, Building C
  • Speaker(s): Jean Yang, Carnegie Mellon University

I present a dynamic approach for enforcing information flow policies across the application and database. The approach reduces the amount of policy code required, yields formal guarantees across the application and database, works with existing relational database implementations, and scales for realistic applications. At the core of the approach is a new, policy-agnostic programming model that factors out information flow policies from application code and database queries.

In this talk, I will present the dynamic semantics for the underlying core language, for which we have proven termination-insensitive non-interference and policy compliance. I will present Jacqueline, our policy-agnostic Python web framework, and demonstrate that in comparison to traditional applications with hand-coded policy checks, Jacqueline applications have 1) a smaller trusted computing base, 2) fewer lines of policy code, and 3) reasonable, often negligible, additional overheads. Finally, I will discuss how we are using these semantics as the foundation for static, type-driven repair for information flow security.


Jean Yang is an Assistant Professor in the Computer Science Department at Carnegie Mellon University. She received her AB from Harvard and PhD from MIT. Her research interests are in developing programming models and tools towards making provable guarantees ubiquitous. During her PhD she created a programming language, Jeeves, that factors information flow checks out of the rest of the program. Her paper on Verve, an operating system verified for type safety, received the Best Paper Award at PLDI 2010. Jean also works on analysis tools for modeling intracellular signalling using rule-based graph-rewrite programs.

Keywords: Policy-Agnostic Database-Backed Applications Seminar Prosecco Programming

