PROSECUTOR
Programming Language-Based Security To Rescue
| Coordinatore | CHALMERS TEKNISKA HOEGSKOLA AB
Spiacenti, non ci sono informazioni su questo coordinatore. Contattare Fabio per maggiori infomrazioni, grazie. |
| Nazionalità Coordinatore | Sweden [SE] |
| Totale costo | 1˙500˙000 € |
| EC contributo | 1˙500˙000 € |
| Programma | FP7-IDEAS-ERC
Specific programme: "Ideas" implementing the Seventh Framework Programme of the European Community for research, technological development and demonstration activities (2007 to 2013) |
| Code Call | ERC-2012-StG_20111012 |
| Funding Scheme | ERC-SG |
| Anno di inizio | 2013 |
| Periodo (anno-mese-giorno) | 2013-01-01 - 2017-12-31 |
Partecipanti
| # | ||||
|---|---|---|---|---|
| 1 |
CHALMERS TEKNISKA HOEGSKOLA AB
Organization address
address: - contact info |
SE (GOETEBORG) | hostInstitution | 1˙500˙000.00 |
| 2 |
CHALMERS TEKNISKA HOEGSKOLA AB
Organization address
address: - contact info |
SE (GOETEBORG) | hostInstitution | 1˙500˙000.00 |
Mappa
Word cloud
Esplora la "nuvola delle parole (Word Cloud) per avere un'idea di massima del progetto.
Obiettivo del progetto (Objective)
'It is alarming that the society's critical infrastructures are not fully prepared to meet the challenge of information security. Modern computing systems are increasingly extensible, inter-connected, and mobile. However, exactly these trends make systems more vulnerable to attacks. A particularly exposed infrastructure is the world-wide web infrastructure, where allowing the mere possibility of fetching a web page opens up opportunities for delivering potentially malicious executable content past current security mechanisms such as firewalls. A critical challenge is to secure the computing infrastructures without losing the benefits of the trends.
It is our firm belief that attacks will continue succeeding unless a fundamental security solution, one that focuses on the security of the actual applications (code), is devised. To this end, we are convinced that application-level security can be best enforced, *by construction*, at the level of programming languages.
ProSecuToR will develop the technology of *programming language-based security* in order to secure computing infrastructures. Language-based security is an innovative approach for enforcing security by construction. The project will deliver policies and enforcement mechanisms for protecting who can see and who can modify sensitive data. Security policies will be expressible by the programmer at the construction phase. We will devise a policy framework capable of expressing fine-grained application-level security policies. We will build practical enforcement mechanisms to enforce the policies for expressive languages. Enforcement mechanisms will be fully automatic, preventing dangerous programs from executing whenever there is a possibility of compromising desired security properties. The practicality will be demonstrated by building robust web applications. ProSecuToR is expected to lead to breakthroughs in *securing web mashups* and *end-to-end web application security*.'