Reflection and Security in Dynamic Languages
Position type: PhD Student
Functional area: Lille (Villeneuve d'Asq)
To support the creation and evolution of complex systems, dynamic
languages provide support for reflection. A reflective system contains
a model of itself to enable runtime change: if we change the model,
the system changes and vice versa. Reflection allows the programmer to
do any kind of change at runtime, even those that render the system
useless or breach any kind of security guarantees. Reflection is an
established research theme and has seen a lot of work over the last
decades. The question of how to control reflection and related that of
secure reflective systems in general has not seen much research
activity. The PhD Student therefore will work on the question on how
to control reflection and work towards enabling systems that are both
reflective and secure.
The goal of this PhD is to propose a new secure reflective language
kernel for dynamic languages. The following points should be explored:
- Study existing models of security.
- Study existing reflective systems and especially prior work on
security and reflection.
- Propose a new, secure model of reflection.
- Implemented the model in a dynamic, object-oriented language.
Compétences et Profil
- Reflective programming
- Smalltalk / C
Chercheur(s) à contacter pour plus d’information/advisors :
Stéphane Ducasse : [hidden email] Marcus Denker : [hidden email]
 Marcus Denker, Tudor Gîrba, Adrian Lienhard, Oscar Nierstrasz,
Lukas Renggli and Pascal Zumkehr, “Encapsulating and Exploiting
Change with Changeboxes,” Proceedings of the 2007 International
Conference on Dynamic Languages (ICDL 2007), ACM Digital Library,
2007, pp. 25--49.
 Oscar Nierstrasz, Alexandre Bergel, Marcus Denker, Stéphane
Ducasse, Markus Gaelli and Roel Wuyts, “On the Revival of Dynamic
Languages,” Proceedings of Software Composition 2005, Thomas
Gschwind and Uwe Aßmann (Eds.), vol. 3628, LNCS 3628, 2005, pp.
 Mark S. Miller and Jonathan S. Shapiro. Paradigm Regained:
Abstraction Mechanisms for Access Control. In Proceedings of the
Eigth Asian Computing Science Conference, p. 224-242, 2003.
 Mark Samuel Miller. Robust Composition: Towards a Unified
Approach to Access Control and Concurrency Control. Ph.D.
thesis, Johns Hopkins University, Baltimore, Maryland, USA,
Marcus Denker -- http://www.marcusdenker.de INRIA Lille -- Nord Europe. Team RMoD.