An Improved Analyzer for Access-Control and Configuration Policies
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Towards Customizable Pedagogic Programming Languages
TOWARDS CUSTOMIZABLE PEDAGOGIC PROGRAMMING LANGUAGES by Kathryn E. Gray A dissertation submitted to the faculty of The University of Utah in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Computer Science School of Computing The University of Utah August 2006 Copyright c Kathryn E. Gray 2006 All Rights Reserved THE UNIVERSITY OF UTAH GRADUATE SCHOOL SUPERVISORY COMMITTEE APPROVAL of a dissertation submitted by Kathryn E. Gray This dissertation has been read by each member of the following supervisory committee and by majority vote has been found to be satisfactory. Chair: Matthew Flatt Wilson Hsieh Gary Lindstrom Joe Zachary Gilad Bracha THE UNIVERSITY OF UTAH GRADUATE SCHOOL FINAL READING APPROVAL To the Graduate Council of the University of Utah: I have read the dissertation of Kathryn E. Gray in its final form and have found that (1) its format, citations, and bibliographic style are consistent and acceptable; (2) its illustrative materials including figures, tables, and charts are in place; and (3) the final manuscript is satisfactory to the Supervisory Committee and is ready for submission to The Graduate School. Date Matthew Flatt Chair, Supervisory Committee Approved for the Major Department Martin Berzins Chair/Dean Approved for the Graduate Council David S. Chapman Dean of The Graduate School ABSTRACT In introductory education, pedagogic tools and languages can help focus students on the fundamental programming concepts. Subsets of a professional language support the presentation of the language’s syntax in step with the presentation of the underlying concepts, relieving students and instructors from superfluous details. This dissertation presents the design and implementation of pedagogic tools integrated with an introduc- tory computer science course. -
The Jlambda Language ∗ Version 3428
The JLambda Language ∗ version 3428 Ian A. Mason,† David Porter,‡ Carolyn Talcott§ July 21, 2019 ∗Ben Funnell and Linda Briesemeister suggested improvements to this manual. †SRI International, Menlo Park, California, USA, 94025. [email protected] ‡[email protected] §SRI International, Menlo Park, California, USA, 94025. [email protected] 1 Contents 1 Introduction 4 2 The JLambda Language. 4 2.1 Keywords ........................................ 5 2.2 Variables ....................................... .. 5 2.3 Definitions...................................... ... 5 2.4 PrimitiveData................................... .... 6 2.5 NumericOperations............................... ..... 7 2.6 BooleanRelations................................ ..... 7 2.7 Arrays.......................................... 8 2.7.1 ArrayConstruction.. .... .... ... .... .... .... .... ... 8 2.7.2 ArrayAccess ................................... 10 2.7.3 ArrayAssignment ............................... 10 2.8 Strings......................................... .. 11 2.9 ArbitraryObjects ................................ ..... 11 2.9.1 ObjectConstruction . ... 11 2.9.2 FieldAccess ................................... 12 2.9.3 FieldUpdating ................................. 12 2.9.4 MethodInvocation .............................. .. 13 2.10ControlForms................................... .... 14 2.10.1 LexicalBinding.... .... .... ... .... .... .... .... ... 14 2.10.2 Sequencing ................................... 15 2.10.3 LambdaExpressionsandClosures . ....... 15 2.10.4 ClosureApplication -
Tail Call Optimization in the Java Hotspot™ VM
Tail Call Optimization in the Java HotSpot™ VM MASTERARBEIT zur Erlangung des akademischen Grades Diplom-Ingenieur im Masterstudium MASTERSTUDIUM INFORMATIK Eingereicht von: Arnold Schwaighofer, 9920231 Angefertigt am: Institut für Systemsoftware Betreuung: o.Univ.-Prof. Dipl.-Ing. Dr. Dr. h.c. Hanspeter Mössenböck Mitbetreuung: Dipl.-Ing. Dr. Christian Wimmer Linz, März 2009 Abstract Many programming language implementations compile to Java bytecode, which is exe- cuted by a virtual machine (e.g the Java HotSpotTM VM). Among these languages are functional languages, which require an optimization that guarantees that certain kinds of method calls do not cause the execution stack to grow unlimitedly. This optimization is called tail call optimization and is currently not supported by the HotSpotTM VM. Implementations of functional languages have to resort to alternative techniques to guar- antee that the stack space does not increase unboundedly. These techniques complicate the implementation and also incur a performance penalty. This thesis presents techniques for supporting tail call optimization in the Java HotSpotTM Virtual Machine. Our optimization is implemented in the interpreter, the client com- piler and the server compiler. Tail call optimization normally removes stack frames to guarantee that the stack space stays bounded. However, some stack frames are required for the Java access security mechanism to work and hence cannot be removed. The virtual machine features a mechanism called deoptimization that allows one to rewrite stack frames. We describe an approach that uses the deoptimization infrastructure to compress stack frames when tail call optimization was disabled because of the security mechanism. This approach allows a series of tail calls to execute in bounded stack space in the presence of a stack-based security mechanism. -
Getting Eclipse Into the Classroom
GETTING ECLIPSE INTO THE CLASSROOM Dwight Deugo Carleton University, 1125 Colonel By Drive, Ottawa ON, K1S 5B6, Canada Keywords: Eclipse, Teaching, Java, Open Source. Abstract: In this paper, I describe an approach to integrating Eclipse into the classroom for the purpose of having students develop assignments using the Java, Scheme and Prolog programming languages. The approach attempts to overcome three problems. 1) Students wanting to learn about Eclipse have no idea where to start. 2) Educators wanting to teach Eclipse do not have available the breadth of material required to introduce students to it. 3) In most institutions, there is no room in the existing curricula to dedicate courses for explicitly teaching Eclipse. 1 INTRODUCTION problem is CS educators wanting to teach Eclipse do not have available the breadth of material required to In a survey conducted in November 2006 by BZ introduce students to Eclipse. The third, and perhaps Media (BZ Media, 2006), 66.3% of SD Times the largest problem, is that in most CS institutions subscribers surveyed reported that developers within there is no room in their existing curricula to their organizations used Eclipse (Eclipse, 2008). dedicate courses for explicitly teaching Eclipse. Their primary reasons for choosing Eclipse were its I believe the simple solution to the last problem low cost (free) and that it is open source. The major is to have Eclipse used as a common tool for uses of Eclipse reported were for its Java developing various course concepts, rather than it Development tools, followed by its J2EE Standard being the course concept itself. -
The Adventures of a Pythonista in Schemeland Release 0.1
The Adventures of a Pythonista in Schemeland Release 0.1 Michele Simionato August 05, 2009 CONTENTS 1 A bit of history3 1.1 My target.....................................3 1.2 A bit of history: Fortran and Lisp........................4 1.3 The algorithmic language Scheme........................5 2 About Scheme implementations7 2.1 About Scheme implementations.........................7 2.2 About the library problem............................8 2.3 Additional difficulties.............................. 10 3 Of parentheses and indentation 13 3.1 Of parens and indentation............................ 13 3.2 About the prefix syntax............................. 15 4 Scheme bibliography (and a first program) 17 4.1 Scheme resources for beginners......................... 17 4.2 A simple Scheme program............................ 18 5 About tail call optimization (and the module system) 21 5.1 There are no for loops in Scheme....................... 21 5.2 There is no portable module system....................... 23 5.3 A simple benchmark............................... 25 6 The danger of benchmarks 29 6.1 Beware of wasted cycles............................. 29 6.2 Beware of cheats................................. 31 6.3 Beware of naive optimization.......................... 32 6.4 Recursion vs iteration.............................. 33 7 Symbols and lists 35 7.1 Symbols..................................... 35 7.2 Lists....................................... 37 7.3 Some example.................................. 38 8 Quoting and quasi-quoting 41 8.1 Quoting..................................... -
A Java Operating System As the Foundation of a Secure Network Operating System
Michael Golm, Meik Felser, Christian Wawersich, Jürgen Kleinöder A Java Operating System as the Foundation of a Secure Network Operating System Technical Report TR-I4-02-05 ◆ August 2002 Department of Computer Sciences 4 Distributed Systems and Operating Systems Friedrich-Alexander-Universität Erlangen-Nürnberg Univ. Erlangen-Nürnberg • Informatik 4 • Martensstr. 1 • 91058 Erlangen • Germany Phone: +49.9131.85.27277 • Fax: +49.9131.85.28732 TECHNISCHE FAKULTÄT E-Mail: [email protected] • URL: http://www4.informatik.uni-erlangen.de (Faculty of Engineering Sciences) A Java Operating System as the Foundation of a Secure Network Operating System Michael Golm, Meik Felser, Christian Wawersich, Jürgen Kleinöder University of Erlangen-Nuremberg Dept. of Computer Science 4 (Distributed Systems and Operating Systems) Martensstr. 1, 91058 Erlangen, Germany {golm, felser, wawersich, kleinoeder}@informatik.uni-erlangen.de Abstract user to run arbitrary commands with root privilege [10], Errors in the design and implementation of operating [11], one executes commands in emails [12], and one is an system kernels and system programs lead to security prob- integer overflow [13]. The six buffer overflow vulnerabili- lems that very often cause a complete breakdown of all ties could have been avoided by using techniques described security mechanisms of the system. by Cowan et al. [15]. However, not all overflow attacks can We present the architecture of the JX operating system, be detected and the authors recommend the use of a type- which avoids two categories of these errors. First, there are safe language. implementation errors, such as buffer overflows, dangling An argument that is often raised against type-safe sys- pointers, and memory leaks, caused by the use of unsafe tems and software protection is that the compiler must be languages. -
Scheme Program Documentation Tools
Scheme Program Documentation Tools Kurt Nørmark Department of Computer Science Aalborg University Denmark [email protected] Abstract SchemeDoc and the Scheme Elucidator share a number of proper- ties. The input formats of both tools are defined as XML languages, This paper describes and discusses two different Scheme documen- with use of XML DTDs (Document Type Definitions) [1]. In simple tation tools. The first is SchemeDoc, which is intended for docu- cases, the input formats are relatively small setup files that hold a mentation of the interfaces of Scheme libraries (APIs). The second number of processing attributes, whereas in other cases, substantial is the Scheme Elucidator, which is for internal documentation of amounts of documentation is authored within the XML documents. Scheme programs. Although the tools are separate and intended Both tools are part of LAML (see Section 2) and as such the full for different documentation purposes they are related to each other expressiveness of Scheme can be used in the XML-related parts of in several ways. Both tools are based on XML languages for tool both SchemeDoc documentation and in elucidative programs. Fi- setup and for documentation authoring. In addition, both tools rely nally, both tools generate web output, in terms of XHTML files. on the LAML framework which—in a systematic way—makes an XML language available as a set of functions in Scheme. Finally, In this paper we give overall and concise descriptions of the tools. the Scheme Elucidator is able to integrate SchemeDoc resources as More detailed descriptions can be found on the web [16, 20]. -
Unmanned Aircraft Systems Roadmap 2005-2030
UAS ROADMAP 2005 UAS ROADMAP 2005 UAS ROADMAP 2005 EXECUTIVE SUMMARY As the Global War on Terrorism (GWOT) enters its fourth year, the contributions of unmanned aircraft (UA)* in sorties, hours, and expanded roles continue to increase. As of September 2004, some twenty types of coalition UA, large and small, have flown over 100,000 total flight hours in support of Operation ENDURING FREEDOM (OEF) and Operation IRAQI FREEDOM (OIF). Their once reconnaissance- only role is now shared with strike, force protection, and signals collection, and, in doing so, have helped reduce the complexity and time lag in the sensor-to-shooter chain for acting on “actionable intelligence.” UA systems (UAS) continue to expand, encompassing a broad range of mission capabilities. These diverse systems range in cost from a few thousand dollars to tens of millions of dollars, and range in capability from Micro Air Vehicles (MAV) weighing less than one pound to aircraft weighing over 40,000 pounds. UA, and unmanned systems in general, are changing the conduct of military operations in the GWOT by providing unrelenting pursuit without offering the terrorist a high value target or a potential captive. As the Department of Defense (DoD) develops and employs an increasingly sophisticated force of unmanned systems, including UA over the next 25 years (2005 to 2030), technologists, acquisition officials, and operational planners require a clear, coordinated plan for the evolution and transition of this capability. The overarching goal of this Roadmap, in following the Strategic Planning Guidance (SPG), is to guide the Military Departments and defense agencies toward a logical, systematic migration of mission capabilities to this new class of military tools. -
Implementation and Performance Evaluation of a Safe Runtime System in Cyclone
Implementation and Performance Evaluation of a Safe Runtime System in Cyclone ∗ Matthew Fluet Daniel Wang Cornell University Princeton University Department of Computer Science Department of Computer Science 4133 Upson Hall 35 Olden Street Ithaca, NY 14853 Princeton, NJ 08544 fl[email protected] [email protected] ABSTRACT related security problems found in applications written in In this paper we outline the implementation of a simple C. In addition to ensuring safety, these high-level languages Scheme interpreter and a copying garbage collector that are more convenient and preferable to low-level system lan- manages the memory allocated by the interpreter. The en- guages for building web based applications. One major con- tire system including the garbage collector is implemented venience, that also improves security, is automatic memory in Cyclone [11], a safe dialect of C, which supports safe and management. explicit memory management. We describe the high-level Although the majority of web based applications are writ- design of the system, report preliminary benchmarks, and ten in safe languages, the applications are typically hosted compare our approach to other Scheme systems. Our pre- on servers or web application platforms that are imple- liminary benchmarks demonstrate that one can build a sys- mented with unsafe languages such as C. For example, Perl tem with reasonable performance when compared to other based web applications are hosted on the Apache web server approaches that guarantee safety. More importantly we can by dynamically loading a native code module that imple- significantly reduce the amount of unsafe code needed to ments the Perl interpreter. -
Scheme in the Real World: a Case Study
Scheme in The Real World: A Case Study Michael Bridgen, Noel Welsh, Matthias Radestock LShift Hoxton Point 6 Rufus Street London, N1 6PE, UK fmikeb, noel, [email protected] ABSTRACT that we have in-house experience with; Java has plenty of ready- Scheme is the core technology in the back-end of the New Media made libraries available for standard tasks, like database connec- Knowledge web site developed by LShift. This case study exam- tivity and logging; Java application servers are well understood by ines how we integrated Scheme into a commercial web develop- support staff. Using Java gives us a wide choice of tools; on the ment environment, and how we used unique features of Scheme to other hand, most of these tools are more complicated than we re- simplify and speed up development. ally need. We are effectively trading some extra configuration and glue-code work for a widely familiar, pre-fabricated platform. 1. INTRODUCTION New Media Knowledge (NMK, [1]) is a business resource for indi- 2.1 Presentation viduals and companies working in interactive digital media. NMK The presentation layer uses Cocoon and XSLT. We chose XSLT has recently acquired a grant to redevelop its web site. Lateral (a as we have found it is usually close enough to HTML to be easily design company) and LShift combined to deliver the work, with modified by designers. Additionally, we've found XSLT signifi- Lateral creating the interface and LShift doing the back-end work. cantly faster and more enjoyable to develop with than other Java- This case study details the technology LShift used to implement the based web presentation layers (e.g. -
SISC: a Complete Scheme Interpreter in Java
SISC: A Complete Scheme Interpreter in Java Scott G. Miller <[email protected]> 20th February 2003 Abstract We will examine the design of SISC, a fully R5RS compliant heap-based inter- preter of the functional language Scheme, with proper tail-recursion and first-class continuations. All noteworthy components of the interpreter will be described, and as well as discussion of some implementation details related to interpretation optimizations and efficient use of the Object-Oriented host language Java. Contents 1 Introduction 2 2 Rationale 3 2.1 Proper tail recursion . 3 2.2 Continuations . 3 3 The Interpreter 4 3.1 Expression compilation . 4 3.2 Environments . 5 3.2.1 Associative Environments . 5 3.2.2 Lexical Environments . 5 3.3 Evaluation . 6 3.3.1 Execution . 7 3.3.2 Expressions . 7 3.4 Procedures . 10 3.4.1 Built-in procedures . 10 3.4.2 Closures . 10 3.4.3 Continuations . 11 3.5 Proper tail recursion . 11 3.6 Continuations . 11 3.7 Error handling . 12 3.7.1 The User’s view . 12 3.7.2 The Implementation . 13 1 4 Datatypes 13 4.1 Symbols . 14 4.2 Numbers . 14 4.3 Multiple values . 14 5 Java: Pros and Cons 15 5.1 Object-Oriented benefits . 15 6 Optimizations 16 6.1 Call-frame recycling . 16 6.2 Expression recycling . 17 6.3 Immediate fast-tracking . 17 7 Extensibility 18 8 Performance comparison 18 9 Conclusion 18 1 Introduction SISC1 is a Java based interpreter of the Scheme. It differs from most Java Scheme interpreters in that it attempts to sacrifice some simplicity in the evaluation model in order to provide a complete interpretation of Scheme. -
First Steps with Embedded Systems
First Steps with Embedded Systems Byte Craft Limited 02A4 A ox40; 02A6 B gs&0x20) 02A9 C table(); [email protected] Code Development Systems CDS m The Byte Craft Limited Code Development Do Byte Craft Limited compilers Systems are high-performance embedded support ANSI C? o development packages designed for serious All Byte Craft compilers are ANSI compatible within the developers. They generate small, fast, and limitations of the target hardware. efficient code. They enable the professional How efficient is the optimizer c developer to produce stand-alone single-chip compared to hand-written . microcontroller applications quickly. Developers assembler code? can easily port C language applications written The compiler generates object code as tight and t for other embedded platforms to the CDS. efficient as most hand-written assembler code. f Can I combine C code and www.bytecraft.com assembler in my programs? You can embed assembler code within your C program, a Features using #asm and #endasm preprocessor directives. The ! The Code Development Systems support embedded code can call C functions and directly r entire families of microcontrollers. access C variables. To pass arguments conveniently, ! The optimizing C language cross-compilers are embed your assembly code in the body of a C function. c ANSI-compatible within hardware limitations. What kinds of emulator hardware ! Tight, fast and efficient code optimization do the compilers support? For more information on supported emulator products, generates clean, customized applications. e ! A built-in Macro Assembler allows inline contact Byte Craft Limited support staff. assembly language in C source. How do the compilers handle local t ! CDS generate symbol and source reference variable declarations? Our compilers store locally-declared variables in information for C source-level debugging with y reusable local memory spaces.