|
Abstract : |
"Semanticists should be the obstetricians, not the coroners, of programming languages. "-John Reynolds Recently there has been phenomenal growth in the use of the Internet through the World Wide Web. Especially interesting is the emergence of socalled "web languages", such as Java 1 [4, 5], which support the development of programs that can be downloaded to a client's machine for execution by a web browser. This brings power and flexibility to web applications, but it also brings well-known end-point security problems, such as the threat of integrity and unauthorized disclosure attacks [1]. Yet, although security has been an issue in web language design, there appears to be no formal characterization of the kinds of security properties that one can expect of programs written in these languages. A web language should, we believe, be designed so that all programs, |
