alphaspirit - Fotolia
I read about a new software programming language called Jeeves that automatically enforces privacy and security policies. What can you tell me about the Jeeves programming language? Is something we should look into having our developers use?
When the protocols that enable the Internet to function were first developed, privacy and security were not seen as critical, so they weren't created with either tenet in mind. Programming languages have a similar history, which leaves developers responsible for writing code that ensures security and privacy policies are enforced the entire time an application is running. The number of incidents where personal data has been intentionally or unintentionally leaked or published shows that this is extremely difficult to do. As applications become more complex, sharing data across a wide range of diverse applications, devices and networks, the problem is only going to get worse.
The Jeeves programming language aims to make it easier for application developers to ensure data is only visible to those with the correct permissions to see it. Developed by Jean Yang, an assistant professor of Computer Science at Carnegie Mellon University, Jeeves programming language uses a "policy-agnostic programming" approach; programmers can attach policies directly to the data and then write the rest of the program without having to worry about how to enforce complex policy rules. So what does this mean and how does it work?
Let's assume a social media site shows a user's location on his individual home page. Some users may be happy for anyone to see their current location, some may only want to share it with close friends, while others may want to show nothing more detailed than the state they're in. In order to enforce these important privacy choices, the development team would need to write code at every point geolocation data is shown to check which user's data is being requested, who requested it and what data to return. It is very time-consuming and costly to write control checks for every permutation of every possible data request; given the complexity of modern applications and the number of developers it takes to build them, mistakes are inevitable and not every data request will be correctly evaluated, which predictably leads to data being leaked.
The Jeeves programming language removes the need for developers to manually write and apply access checks throughout the program as it can track how sensitive values are used to make sure they are only shown to those with appropriate permissions; this includes values derived from computations on sensitive values. It's a similar concept to garbage collection in newer programming languages, which automates memory management, relieving programmers from manually having to deal with memory de-allocation -- a source of numerous security vulnerabilities. Programmers can enforce privacy policies by specifying multiple views, known as facets, of sensitive values; an actual GPS location would be defined as a high-confidentiality facet while the country of location could be defined as a low-confidentiality facet. Once this task is complete, programmers no longer need to worry about policy enforcement as the Jeeves runtime determines which facet should be used to ensure the correct output is shown whenever sensitive data is requested. It will no longer matter what unexpected or untested actions are taken by a user; Jeeves will only show the values the user is authorized to see.
Ask the Expert:
Want to ask Michael Cobb a question about application security? Submit your questions now via email. (All questions are anonymous.)
Dig Deeper on Data privacy issues and compliance
Related Q&A from Michael Cobb
Sending sensitive information in attachments is inherently unsafe, and the main way to secure them -- encryption -- can be implemented inconsistently... Continue Reading
Spyware can steal mundane information, track a user's every move and everything in between. Read up on the types of spyware and how to best fix ... Continue Reading
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and... Continue Reading