Secure Implementation of Meta-predicates

  • Paulo Moura
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5418)

Abstract

This paper identifies potential security loopholes in the implementation of support for meta-predicates. Closing these loopholes depends on three conditions: a clear distinction between closures and goals, support for an extended meta-predicate directive that allows the specification of closures, and the availability of the call/2-N family of built-in meta-predicates. These conditions provide the basis for a set of simple safety rules that allows meta-predicates to be securely supported. These safety rules are currently implemented by Logtalk, an object-oriented logic programming language, and may also be applied in the context of Prolog predicate-based module systems. Experimental results illustrate how these rules can prevent several security problems, including accidental or malicious changes to the original meta-predicate arguments and bypassing of predicate scope rules and predicate scope directives.

Keywords

Logic-programming meta-predicates security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Moura, P.: Logtalk 2.33.0 User Manual (September 2008)Google Scholar
  2. 2.
    Moura, P.: Logtalk – Design of an Object-Oriented Logic Programming Language. PhD thesis, Department of Computer Science, University of Beira Interior, Portugal (September 2003)Google Scholar
  3. 3.
    Haemmerlé, R., Fages, F.: Modules for Prolog Revisited. In: Etalle, S., Truszczyński, M. (eds.) ICLP 2006. LNCS, vol. 4079, pp. 41–55. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Group, T.X.R.: The XSB Programmer’s Manual: version 3.1 (2007)Google Scholar
  5. 5.
    Bueno, F., Cabeza, D., Carro, M., Hermenegildo, M., López, P., Puebla, G.: The Ciao Prolog System. Technical Report CLIP 3/97.1, The CLIP Group, School of Computer Science, Technical University of Madrid (December 2002)Google Scholar
  6. 6.
    Gras, D.C., Hermenegildo, M.V.: A New Module System for Prolog. In: Palamidessi, C., Moniz Pereira, L., Lloyd, J.W., Dahl, V., Furbach, U., Kerber, M., Lau, K.-K., Sagiv, Y., Stuckey, P.J. (eds.) CL 2000. LNCS, vol. 1861, pp. 131–148. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Cheadle, A.M., Harvey, W., Sadler, A.J., Schimpf, J., Shen, K., Wallace, M.G.: ECLiPSe: A tutorial introduction. Technical Report IC-Parc-03-1, IC-Parc, Imperial College, London (2003)Google Scholar
  8. 8.
    ISO/IEC: International Standard ISO/IEC 13211-2 Information Technology — Programming Languages — Prolog — Part II: Modules. ISO/IEC (2000)Google Scholar
  9. 9.
    for Computer Science, S.I.: Quintus Prolog 3.5 User’s Manual (2003)Google Scholar
  10. 10.
    O’Keefe, R.: An Elementary Prolog Library, http://www.cs.otago.ac.nz/staffpriv/ok/pllib.htm
  11. 11.
    for Computer Science, S.I.: SICStus Prolog 4.0.2 User Manual (2007)Google Scholar
  12. 12.
    Costa, V.S.: The YAP User’s Manual: version 5.1.3 (2008)Google Scholar
  13. 13.
    Wielemaker, J., Anjewierden, A.: An Architecture for Making Object-Oriented Systems Available from Prolog. In: Proceedings of the 12th International Workshop on Logic Programming Environments, pp. 97–110 (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Paulo Moura
    • 1
  1. 1.Dep. of Computer ScienceUniversity of Beira Interior, Portugal, Center for Research in Advanced Computing Systems, INESC–PortoPortugal

Personalised recommendations