|
Andrade, Rodrigo
|
SPLASH Companion '15-DOC: "Privacy and Security Constraints ..."
Privacy and Security Constraints for Code Contributions
Rodrigo Andrade
(Federal University of Pernambuco, Brazil)
In collaborative software development, developers submit their contributions, such as code commits or pull requests, to a repository. Often, this code contribution is reviewed in order to avoid privacy and security problems. Manual code review is a common way to detect such problems, but it is expensive, error-prone, and time consuming. Other automatic approaches are either designed for specific domains, such as Android platform, or demand significant effort from developers. To minimize these problems, we propose a new policy language to allow developers to specify constraints for code contributions and to enforce them between existing code and new code contributions. Our language implementation automatically checks adherence of new code contributions to these constraints for systems of different domains without demanding further effort from developers. Moreover, we plan to evaluate it regarding effectiveness and reduction of effort in finding privacy and security violations.
@InProceedings{SPLASH Companion15p27,
author = {Rodrigo Andrade},
title = {Privacy and Security Constraints for Code Contributions},
booktitle = {Proc.\ SPLASH Companion},
publisher = {ACM},
pages = {27--29},
doi = {},
year = {2015},
}
Info
|
|
Bagherzadeh, Mehdi
|
SPLASH Companion '15-DOC: "Panini: A Concurrent Programming ..."
Panini: A Concurrent Programming Model with Modular Reasoning
Mehdi Bagherzadeh
(Iowa State University, USA)
Pervasive and oblivious interference makes modular reasoning about concurrent programs difficult. This work presents Panini, a concurrent programming model with sparse and cognizant interference that enables modular reasoning.
@InProceedings{SPLASH Companion15p30,
author = {Mehdi Bagherzadeh},
title = {Panini: A Concurrent Programming Model with Modular Reasoning},
booktitle = {Proc.\ SPLASH Companion},
publisher = {ACM},
pages = {30--32},
doi = {},
year = {2015},
}
|
|
Eisl, Josef
|
SPLASH Companion '15-DOC: "Trace Register Allocation ..."
Trace Register Allocation
Josef Eisl
(JKU Linz, Austria)
This paper proposes the idea of Trace Register Allocation, a register allocation approach that is tailored for just-in-time (JIT) compilation in the context of virtual machines with run-time feedback.
The basic idea is to offload costly operations such as spilling and splitting to less frequently executed branches and to focus on efficient registers allocation for the hot parts of a program. This is done by performing register allocation on traces instead of on the program as a whole.
We believe that the basic approach is compatible to Linear Scan, the predominant register allocation algorithm for just-in-time compilation, in both code quality and allocation time, while our design leads to a simpler and more extensible solution. This extensibility allows us to add further enhancements in order to optimize the allocation based on the run-time profile of the application and thus to outperform current Linear Scan implementations.
@InProceedings{SPLASH Companion15p21,
author = {Josef Eisl},
title = {Trace Register Allocation},
booktitle = {Proc.\ SPLASH Companion},
publisher = {ACM},
pages = {21--23},
doi = {},
year = {2015},
}
|
|
Liu, Chang
|
SPLASH Companion '15-DOC: "Trace Oblivious Computation ..."
Trace Oblivious Computation
Chang Liu
(University of Maryland, USA)
In recent years, execution trace obliviousness has become an important security property in various applications in the presence of side channels. On the one hand, a cryptographic protocol called Oblivious RAM (ORAM) has been developed as a generic tool to achieve obliviousness, while incurring an overhead. On the other hand, customized oblivious algorithms with better performance have been developed. This method, however, is not scalable in terms of human efforts. This thesis work adopts a language design approach to facilitate users to develop efficient oblivious applications. I will study sequential and parallel programs and different channels. I will design languages and security type systems to support efficient algorithm implementations, while formally enforcing obliviousness. My study for the secure computation application shows that using our compiler, one PhD student can develop an oblivious algorithm in one day which took a research group of 5 researchers 4 months to develop in 2013, while achieving 10* to 20* better performance.
@InProceedings{SPLASH Companion15p24,
author = {Chang Liu},
title = {Trace Oblivious Computation},
booktitle = {Proc.\ SPLASH Companion},
publisher = {ACM},
pages = {24--26},
doi = {},
year = {2015},
}
|
|
Miller, Gary
|
SPLASH Companion '15-DOC: "The Spreadsheet Paradigm: ..."
The Spreadsheet Paradigm: A Basis for Powerful and Accessible Programming
Gary Miller
(University of Technology Sydney, Australia)
This paper takes a cognition-centric approach for programming languages. It promotes the spreadsheet paradigm, with two concrete goals. First, it calls for the design and implementation of several language features to enhance the expressiveness of spreadsheet programming. Second, it describes a plan for rigorous empirical studies to retain the learnability of spreadsheet programming.
@InProceedings{SPLASH Companion15p33,
author = {Gary Miller},
title = {The Spreadsheet Paradigm: A Basis for Powerful and Accessible Programming},
booktitle = {Proc.\ SPLASH Companion},
publisher = {ACM},
pages = {33--35},
doi = {},
year = {2015},
}
|