LMonad: Information Flow Control for Haskell Web Applications

Simple item page
dc.contributor.advisorHicks, Michael Wen_US
dc.contributor.authorParker, James Leeen_US
dc.contributor.departmentComputer Scienceen_US
dc.contributor.publisherDigital Repository at the University of Marylanden_US
dc.contributor.publisherUniversity of Maryland (College Park, Md.)en_US
dc.date.accessioned2015-02-06T06:52:53Z
dc.date.available2015-02-06T06:52:53Z
dc.date.issued2014en_US
dc.description.abstractMany web applications adhere to privacy policies for users and offer rich access control policies. It can be difficult to enforce these policies because applications can be complex, large, and involve multiple developers. Information Flow Control (IFC) can address this difficulty by guaranteeing that policies are enforced. This thesis presents LMonad, an IFC system designed to enforce IFC policies in Haskell web applications. LMonad generalizes LIO, previous work that offers IFC for Haskell programs. Specifically, LMonad provides a monad transformer to enforce IFC, in LIO's style, over any existing computation. In addition, LMonad offers label annotations to specify policies, and it guarantees that database interactions adhere to the policies. To evaluate LMonad, we developed an example website with various IFC policies and converted a large, existing web application to include LMonad policies. Results indicate that LMonad has low runtime overhead and is feasible to use in terms of programmer effort.en_US
dc.identifierhttps://doi.org/10.13016/M2W32H
dc.identifier.urihttp://hdl.handle.net/1903/16239
dc.language.isoenen_US
dc.subject.pqcontrolledComputer scienceen_US
dc.subject.pquncontrolledInformation Flow Controlen_US
dc.subject.pquncontrolledProgramming Languagesen_US
dc.subject.pquncontrolledSecurityen_US
dc.titleLMonad: Information Flow Control for Haskell Web Applicationsen_US
dc.typeThesisen_US

Files

Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
Parker_umd_0117N_15867.pdf
Size:
196.84 KB
Format:
Adobe Portable Document Format
Download

Collections

UMD Theses and Dissertations
Computer Science Theses and Dissertations