Secure compilation is a discipline aimed at develo** compilers that preserve the security
properties of the source programs they take as input in the target programs they produce as …

Many popular web applications incorporate end-toend secure messaging protocols, which
seek to ensure that messages sent between users are kept confidential and authenticated …

JavaScript has been a de facto standard language for client-side web programs, and now it
is expanding its territory to general purpose programs. In this article, we classify the client …

Researchers have shown that, in recent years, unwanted web tracking is on the rise, with
browser-based fingerprinting being adopted by more and more websites as a viable …

This paper presents KJS, the most complete and throughly tested formal semantics of
JavaScript to date. Being executable, KJS has been tested against the ECMAScript 5.1 …

Distributed applications are difficult to program reliably and securely. Dependently typed
functional languages promise to prevent broad classes of errors and vulnerabilities, and to …

JavaScript is the most widely used web language for client-side applications. Whilst the
development of JavaScript was initially just led by implementation, there is now increasing …

Modern programming languages, ranging from Haskell and ML, to JavaScript, C# and Java,
all make extensive use of higher-order state. This paper advocates a new verification …

Good programming languages provide helpful abstractions for writing secure code, but the
security properties of the source language are generally not preserved when compiling a …

A fully abstract compiler prevents security features of the source language from being
bypassed by an attacker operating at the target language level. Unfortunately, develo** …