‹Programming› 2020
Mon 23 - Thu 26 March 2020 Porto, Portugal
Wed 25 Mar 2020 16:30 - 17:00 at Auditorium - Thinking about Data Chair(s): Jonathan Edwards

Database-backed applications often run queries with more authority than necessary. Since programs can access more data than they legitimately need, flaws in security checks at the application level can enable malicious or buggy code to view or modify data in violation of intended access control policies. Although database management systems provide tools to control access to data, these tools are not well-suited for modern applications which often have many users and consist of many different software components. First, databases are unaware of application users, and creating a new database user for each application user is impractical for applications with many users. Second, different components of the same application may require different authority, which would require creating different database users for different software components. Thus, it is difficult to properly limit the authority an application has when executing queries.

We propose ShillDB, a language for writing secure database-backed applications. ShillDB enables reasoning about database access at the language level through capabilities, which limit which database tables a program can access, and contracts, which limit what operations a program can perform on those tables. ShillDB contracts are expressed as part of function interfaces, making it easy to specify different access control policies for different components. Contracts act as executable security documentation for ShillDB programs and are enforced by the language runtime. Further, ShillDB provides database access control guarantees independent of (and in addition to) the security mechanisms of the underlying database management system.

We have implemented a prototype of ShillDB and have used it to implement the backend for a lending library reservation system with contracts for each endpoint. Our experience indicates that ShillDB is a practical language for enforcing database access control policies in realistic, multi-user applications and has reasonable performance overhead.

Wed 25 Mar
Times are displayed in time zone: (GMT+01:00) Greenwich Mean Time : Belfast change

programming-2020-papers
16:00 - 17:30: Research Papers - Thinking about Data at Auditorium
Chair(s): Jonathan Edwards
programming-2020-papers16:00 - 16:30
Research paper
Mauricio Verano MerinoTechnische Universiteit Eindhoven, Jurgen VinjuCWI, Netherlands, Tijs van der StormCWI & University of Groningen, Netherlands
Link to publication DOI Pre-print
programming-2020-papers16:30 - 17:00
Research paper
Ezra ZigmondHarvard University, Stephen ChongHarvard University, Christos DimoulasPLT @ Northwestern University, Scott MooreGalois, Inc
Link to publication DOI Pre-print
programming-2020-papers17:00 - 17:30
Research paper
Tomas PetricekUniversity of Kent
Link to publication DOI Pre-print