January 19, 2016
Alley Stoughton
I’ll report on a case study in secure programming, focusing on the design, implementation and auditing of programs for playing the board game Battleship. I’ll begin by precisely defining the security of Battleship programs, borrowing the real/ideal paradigm of theoretical cryptography. I’ll then consider three implementations of Battleship: one in Concurrent ML featuring a trusted referee; one in Haskell/LIO using information flow control to avoid needing a trusted referee; and one in Concurrent ML using access control to avoid needing such a referee. All three implementations employ data abstraction in key ways.