UCSC-SOE-19-03: FacetBook

Thomas Schmitz, Cormac Flanagan
03/11/2019 10:35 AM
Computer Science
This report describes FacetBook, a prototype social networking website that we built to ascertain the usefulness of the security library FIO, which implements (in Haskell) the Faceted Values technique for dynamic information flow control. We conduct our experiment by creating two versions of FacetBook: one that uses FIO and one that does not. We compare the two versions by counting the number of lines of code in the trusted computing base, which is the portion of code that must be carefully audited to ensure the absence of security bugs.