Section: Scientific Foundations
Security of diffuse programs
The main goal of our security research is to provide scalable and rigorous language-based techniques that can be integrated into multi-tier compilers to enforce security of diffuse programs. Research on language-based security has been carried on before in both the Mimosa  and Everest  teams ). In particular previous research has focused on controlling information flow to ensure confidentiality.
Typical language-based solutions to these problems are founded on static analysis, logics, provable cryptography, and compilers that generate correct code by construction  . Relying on the multi-tier programming language Hop that tames the complexity of writing and analysing secure diffuse applications, we are studying language-based solutions to prominent web security problems such as code injection and cross-site scripting, to name a few.