Experience in using a typed functional language for the development of a security application

@inproceedings{Doligez2014ExperienceIU,
  title={Experience in using a typed functional language for the development of a security application},
  author={Damien Doligez and Christ{\`e}le Faure and Th{\'e}r{\`e}se Hardin and Manuel Maarek},
  booktitle={F-IDE},
  year={2014}
}
In this paper we present our experience in developing a security application using a typed functional language. We describe how the formal grounding of its semantic and compiler have allowed for a trustworthy development and have facilitated the fulfillment of the security specification. 

Avoiding Security Pitfalls with Functional Programming: A Report on the Development of a Secure XML Validator

The challenges involved in processing XML data in a critical context are explained, the choices in designing a secure XML validator are described, and how features of functional languages were used to enforce security requirements are detailed.

Avoiding Security Pitfalls with Functional Programming

The challenges involved in processing XML data in a critical context are explained, the choices in designing a secure XML validator are described, and how features of functional languages were used to enforce security requirements are detailed.

References

SHOWING 1-10 OF 14 REFERENCES

Trusted Software within Focal

The Integrated Development Environment Focal is an IDE providing powerful functional and object-oriented features that allow to formally express specification and to go step by step (in an incremental approach) to design and implement while proving that the implementation meets its specification or design requirements.

eXtensible Markup Language (XML) 1.0 (Second Edition)

The Extensible Markup Language (XML) is a subset of SGML that is completely described in this document. Its goal is to enable generic SGML to be served, received, and processed on the Web in the way

Extensible Markup Language (XML)

XML is an extremely simple dialect of SGML which is completely described in this document, to enable generic SGML to be served, received, and processed on the Web in the way that is now possible with HTML.

Outils associés au langage OCaml Étude de la sécurité intrinsèque des langages fonctionnels (LaFoSec), ANSSI. SafeRiver, CEDRIC and Normation

  • ANSSI
  • 2011

Modèles d'exécution du langage OCaml. Étude de la sécurité intrinsèque des langages fonctionnels (LaFoSec), ANSSI. SafeRiver, CEDRIC and Normation

  • French. Available at
  • 2011

The Objective Caml system release

  • Vouillon
  • 2010

Analyse des langages OCaml, Scala et F#. Étude de la sécurité intrinsèque des langages fonctionnels (LaFoSec), ANSSI. SafeRiver, CEDRIC and Normation

  • French. Available at
  • 2011

XML Validator Generator XSVGen. Étude de la sécurité intrinsèque des langages fonctionnels (LaFoSec), première tranche conditionnelle (TC1), ANSSI. SafeRiver, CEDRIC and Oppida

  • ANSSI
  • 2012

Étude de la sécurité intrinsèque des langages fonctionnels (LaFoSec), ANSSI. SafeRiver, CEDRIC and Normation

  • État des lieux des langages fonctionnels
  • 2011