Jeeves programming language: Can it improve security?

A new research programming language looks to make it easier to enforce security and privacy policies in applications. Expert Michael Cobb explains how it works.

I read about a new software programming language called Jeeves that automatically enforces privacy and security policies. What can you tell me about the Jeeves programming language? Is it something we should look into having our developers use?

When the protocols that enable the Internet to function were first developed, privacy and security were not seen as critical, so they weren't created with either tenet in mind. Programming languages have a similar history, which leaves developers responsible for writing code that ensures security and privacy policies are enforced the entire time an application is running. The number of incidents where personal data has been intentionally or unintentionally leaked or published shows that this is extremely difficult to do. As applications become more complex, sharing data across a wide range of diverse applications, devices and networks, the problem is only going to get worse.

The Jeeves programming language aims to make it easier for application developers to ensure data is only visible to those with the correct permissions to see it. Developed by Jean Yang, an assistant professor of Computer Science at Carnegie Mellon University, the Jeeves programming language uses a "policy-agnostic programming" approach: programmers attach policies directly to the data and then write the rest of the program without having to worry about how to enforce complex policy rules. So what does this mean and how does it work?

Let's assume a social media site shows a user's location on his individual home page. Some users may be happy for anyone to see their current location, some may only want to share it with close friends, while others may want to show nothing more detailed than the state they're in. In order to enforce these important privacy choices, the development team would need to write code at every point geolocation data is shown to check which user's data is being requested, who requested it and what data to return. It is very time-consuming and costly to write control checks for every permutation of every possible data request; given the complexity of modern applications and the number of developers it takes to build them, mistakes are inevitable and not every data request will be correctly evaluated, which predictably leads to data being leaked.

Removing checks

The Jeeves programming language removes the need for developers to manually write and apply access checks throughout the program as it can track how sensitive values are used to make sure they are only shown to those with appropriate permissions; this includes values derived from computations on sensitive values. It's a similar concept to garbage collection in newer programming languages, which automates memory management, relieving programmers from manually having to deal with memory de-allocation -- a source of numerous security vulnerabilities. Programmers can enforce privacy policies by specifying multiple views, known as facets, of sensitive values; an actual GPS location would be defined as a high-confidentiality facet while the country of location could be defined as a low-confidentiality facet. Once this task is complete, programmers no longer need to worry about policy enforcement as the Jeeves runtime determines which facet should be used to ensure the correct output is shown whenever sensitive data is requested. It will no longer matter what unexpected or untested actions are taken by a user; Jeeves will only show the values the user is authorized to see.
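The faceted-value idea described above can be modeled in a few lines of Python. This is an added sketch, not Jeeves syntax or its runtime; `Faceted`, `lift`, `show` and `friends_only` are hypothetical names, and the users and coordinates are constructed sample data.

```python
from dataclasses import dataclass
from typing import Any, Callable

@dataclass(frozen=True)
class Faceted:
    """A sensitive value: two views plus the policy that chooses between them."""
    high: Any                      # high-confidentiality facet (e.g. GPS fix)
    low: Any                       # low-confidentiality facet (e.g. country)
    policy: Callable[[str], bool]  # viewer -> allowed to see the high facet?

def lift(fn, *args):
    """Run fn over arguments that may be Faceted; the result stays faceted."""
    for i, arg in enumerate(args):
        if isinstance(arg, Faceted):
            hi = lift(fn, *args[:i], arg.high, *args[i + 1:])
            lo = lift(fn, *args[:i], arg.low, *args[i + 1:])
            return Faceted(hi, lo, arg.policy)
    return fn(*args)  # no sensitive inputs left: plain computation

def show(value, viewer):
    """Single enforcement point: resolve every facet for this viewer at output."""
    while isinstance(value, Faceted):
        value = value.high if value.policy(viewer) else value.low
    return value

# Constructed sample data: friend lists and locations are made up.
FRIENDS = {"alice": {"bob", "carol"}, "bob": {"alice"}}

def friends_only(owner):
    return lambda viewer: viewer == owner or viewer in FRIENDS[owner]

alice_loc = Faceted("40.4433,-79.9436", "US", friends_only("alice"))
bob_loc = Faceted("51.5072,-0.1276", "GB", friends_only("bob"))

# Application code with no access checks: a value derived from two sensitive inputs.
banner = lift(lambda a, b: f"alice@{a} bob@{b}", alice_loc, bob_loc)

def render(viewer):
    return show(banner, viewer)

if __name__ == "__main__":
    for viewer in ("alice", "carol", "mallory"):
        print(viewer, "->", render(viewer))
```

The derived `banner` carries both owners' policies with it, so a viewer who is a friend of only one user sees that user's coordinates and just the country for the other.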

In the era of social computing, applications and those who develop them need to do a far better job of protecting users' data and privacy. By separating privacy policy implementation from other functionality, the Jeeves programming language has the potential to make applications far more robust in protecting privacy as they process and share information. It doesn't tackle security issues such as availability or how data is stored, but it does make it easier for developers to implement, maintain and enforce privacy policies. Jeeves is still a research language, which means it's not ready to be used for major commercial software. However, enterprises need to support and promote initiatives such as this, as they can decrease development times, improve the overall quality and security of an application and reduce the likelihood of future changes to an application breaking privacy settings.


This was last published in March 2016
