Publication Date

Spring 2016

Degree Type

Master's Project

Degree Name

Master of Science (MS)


Computer Science

First Advisor

Thomas Austin

Second Advisor

Robert Chun

Third Advisor

Frank Butt


Security Declassification Information Flow Faceted Typed Javascript


Information leaks currently represent a major security vulnerability. Malicious code, when injected into a trusted environment and executed in the context of the victim’s privileges, often results in the loss of sensitive information. To address this security issue, this paper focuses on the idea of information flow control using faceted execution [3]. This mechanism allows the interpreter to efficiently keep track of variables across multiple security levels, achieving termination-insensitive non-interference (TINI). With TINI, a program can only leak one bit of data, caused by the termination of a program. One key benefit of having faceted execution is that flow policy can be enforced automatically on the basis of its architecture, rather than relying on filtering, validation, and encoding, over user inputs.

Despite the fact that information flow control ensures strong confidentiality, such a model is too restrictive for many real-world applications. Declassification offers one way of releasing sensitive information in a controlled manner. This paper introduces Faceted JS, a modified JavaScript language that supports basic JavaScript features as well as faceted executions. To demonstrate the proper way to release sensitive data, a declassification mechanism is implemented, based on the concept of the object capability model [12] and policy-agnostic programming [4]. Finally, we cover the aspect of implementation and offer some practical examples.