Challenges for Security Typed Web Scripting Languages Design

Abstract

This paper focuses on the different challenges to design a security typed web scripting language. It uses the type system approach on a simple imperative language that captures a subset of the security typed Web language constructs to express the security properties that must be held in the language with respect to its formal semantics to prevent insecure information flow in Web application system and hence the common Web application security vulnerabilities.