{"id":"https://openalex.org/W2017696589","doi":"https://doi.org/10.1145/2687148.2687152","title":"Statically typed string sanitation inside a python","display_name":"Statically typed string sanitation inside a python","publication_year":2014,"publication_date":"2014-10-21","ids":{"openalex":"https://openalex.org/W2017696589","doi":"https://doi.org/10.1145/2687148.2687152","mag":"2017696589"},"language":"en","primary_location":{"id":"doi:10.1145/2687148.2687152","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2687148.2687152","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2687148.2687152","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 International Workshop on Privacy &amp; Security in Programming","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/2687148.2687152","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5069329835","display_name":"Nathan Fulton","orcid":"https://orcid.org/0000-0002-4172-7631"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Nathan Fulton","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, PA, USA","Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]},{"raw_affiliation_string":"Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001010367","display_name":"Cyrus Omar","orcid":"https://orcid.org/0000-0003-4502-7971"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cyrus Omar","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, PA, USA","Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]},{"raw_affiliation_string":"Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091372985","display_name":"Jonathan Aldrich","orcid":"https://orcid.org/0000-0003-0631-5591"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jonathan Aldrich","raw_affiliation_strings":["Carnegie Mellon University, Pittsburgh, PA, USA","Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]},{"raw_affiliation_string":"Carnegie-Mellon University, Pittsburgh, Pa., USA#TAB#","institution_ids":["https://openalex.org/I74973139"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5069329835"],"corresponding_institution_ids":["https://openalex.org/I74973139"],"apc_list":null,"apc_paid":null,"fwci":1.2685,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.8476943,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"3","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10126","display_name":"Logic, programming, and type systems","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10126","display_name":"Logic, programming, and type systems","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9866999983787537,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8179343938827515},{"id":"https://openalex.org/keywords/python","display_name":"Python (programming language)","score":0.7477465867996216},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.7186996340751648},{"id":"https://openalex.org/keywords/regular-expression","display_name":"Regular expression","score":0.6217750906944275},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.5445542335510254},{"id":"https://openalex.org/keywords/type-safety","display_name":"Type safety","score":0.5346271991729736},{"id":"https://openalex.org/keywords/type-inference","display_name":"Type inference","score":0.5294938683509827},{"id":"https://openalex.org/keywords/string","display_name":"String (physics)","score":0.5040689706802368},{"id":"https://openalex.org/keywords/functional-programming","display_name":"Functional programming","score":0.4886220097541809},{"id":"https://openalex.org/keywords/extensibility","display_name":"Extensibility","score":0.42129582166671753},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.4052133560180664},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2132873833179474},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.12527179718017578}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8179343938827515},{"id":"https://openalex.org/C519991488","wikidata":"https://www.wikidata.org/wiki/Q28865","display_name":"Python (programming language)","level":2,"score":0.7477465867996216},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.7186996340751648},{"id":"https://openalex.org/C121329065","wikidata":"https://www.wikidata.org/wiki/Q185612","display_name":"Regular expression","level":2,"score":0.6217750906944275},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.5445542335510254},{"id":"https://openalex.org/C44779574","wikidata":"https://www.wikidata.org/wiki/Q736866","display_name":"Type safety","level":2,"score":0.5346271991729736},{"id":"https://openalex.org/C198370458","wikidata":"https://www.wikidata.org/wiki/Q586459","display_name":"Type inference","level":3,"score":0.5294938683509827},{"id":"https://openalex.org/C157486923","wikidata":"https://www.wikidata.org/wiki/Q1376436","display_name":"String (physics)","level":2,"score":0.5040689706802368},{"id":"https://openalex.org/C42383842","wikidata":"https://www.wikidata.org/wiki/Q193076","display_name":"Functional programming","level":2,"score":0.4886220097541809},{"id":"https://openalex.org/C32833848","wikidata":"https://www.wikidata.org/wiki/Q4115054","display_name":"Extensibility","level":2,"score":0.42129582166671753},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.4052133560180664},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2132873833179474},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.12527179718017578},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.0},{"id":"https://openalex.org/C37914503","wikidata":"https://www.wikidata.org/wiki/Q156495","display_name":"Mathematical physics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2687148.2687152","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2687148.2687152","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2687148.2687152","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 International Workshop on Privacy &amp; Security in Programming","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/2687148.2687152","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2687148.2687152","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2687148.2687152","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2014 International Workshop on Privacy &amp; Security in Programming","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1533431986","display_name":null,"funder_award_id":"H98230-14-C-014","funder_id":"https://openalex.org/F4320311089","funder_display_name":"National Security Agency"},{"id":"https://openalex.org/G2634536754","display_name":"CPS: Medium: GOALI: An Architecture Approach to Heterogeneous Verfication of Cyber-Physical Systems","funder_award_id":"1035800","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3134714700","display_name":null,"funder_award_id":"Lablet #H98230-14-C-0140","funder_id":"https://openalex.org/F4320306084","funder_display_name":"U.S. Department of Energy"},{"id":"https://openalex.org/G5025057951","display_name":null,"funder_award_id":"H98230-14-C-0140","funder_id":"https://openalex.org/F4320311089","funder_display_name":"National Security Agency"},{"id":"https://openalex.org/G7845798442","display_name":null,"funder_award_id":"H98230","funder_id":"https://openalex.org/F4320311089","funder_display_name":"National Security Agency"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320306084","display_name":"U.S. Department of Energy","ror":"https://ror.org/01bj3aw27"},{"id":"https://openalex.org/F4320311089","display_name":"National Security Agency","ror":"https://ror.org/0047bvr32"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2017696589.pdf","grobid_xml":"https://content.openalex.org/works/W2017696589.grobid-xml"},"referenced_works_count":15,"referenced_works":["https://openalex.org/W80700283","https://openalex.org/W1590339273","https://openalex.org/W1760139041","https://openalex.org/W2002089154","https://openalex.org/W2017696589","https://openalex.org/W2036676170","https://openalex.org/W2072137506","https://openalex.org/W2106791773","https://openalex.org/W2144778998","https://openalex.org/W2156429182","https://openalex.org/W2161151447","https://openalex.org/W2171691057","https://openalex.org/W2196984519","https://openalex.org/W2294395356","https://openalex.org/W4242024236"],"related_works":["https://openalex.org/W1966091859","https://openalex.org/W2139966078","https://openalex.org/W3019138974","https://openalex.org/W2095136535","https://openalex.org/W2105831091","https://openalex.org/W2531621405","https://openalex.org/W4251133021","https://openalex.org/W2510433231","https://openalex.org/W4238949052","https://openalex.org/W2105232714"],"abstract_inverted_index":{"Web":[0],"applications":[1],"must":[2],"ultimately":[3],"command":[4,29],"systems":[5],"like":[6,62,142,165],"web":[7,87],"browsers":[8],"and":[9,64,203],"database":[10],"engines":[11],"using":[12,227],"strings.":[13],"Strings":[14],"derived":[15],"from":[16,95,194],"improperly":[17],"sanitized":[18],"user":[19,96],"input":[20],"can":[21,73,104,179],"as":[22,66,68,127,170,209,224],"a":[23,26,48,53,86,128,138,150,173,192,197,210,225],"result":[24],"be":[25,46,74,105,135,168,180],"vector":[27],"for":[28,157,234],"injection":[30],"attacks.":[31],"In":[32],"this":[33,123,143,166,185],"paper,":[34],"we":[35,155,190,215],"introduce":[36],"regular":[37,49,54,204],"string":[38,60],"types,":[39],"which":[40],"classify":[41],"strings":[42,57,93,202],"constrained":[43],"statically":[44,108],"to":[45,76,107,196],"in":[47,78],"language":[50,211],"specified":[51],"by":[52],"expression.":[55],"Regular":[56],"support":[58,184],"standard":[59,201],"operations":[61],"concatenation":[63],"substitution,":[65],"well":[67],"safe":[69],"coercions,":[70],"so":[71],"they":[72,178],"used":[75,106],"implement,":[77],"an":[79,229],"essentially":[80],"conventional":[81],"manner,":[82],"the":[83,147,217,222],"pieces":[84],"of":[85,149],"application":[88],"or":[89],"framework":[90],"that":[91,110,175,177],"handle":[92],"arising":[94],"input.":[97],"Simple":[98],"type":[99,124,140,159,162,218,232],"annotations":[100],"at":[101],"function":[102],"interfaces":[103],"verify":[109],"sanitization":[111],"has":[112],"been":[113],"performed":[114],"correctly":[115],"without":[116],"introducing":[117],"redundant":[118],"run-time":[119],"checks.":[120],"We":[121,183],"specify":[122,191],"system":[125,141,163,219,233],"first":[126],"minimal":[129],"typed":[130],"lambda":[131],"calculus,":[132],"lambdaRS.":[133],"To":[134],"practical,":[136],"adopting":[137],"specialized":[139],"should":[144,167],"not":[145],"require":[146],"adoption":[148],"new":[151,161],"programming":[152],"language.":[153],"Instead,":[154],"advocate":[156],"extensible":[158,230],"systems:":[160],"fragments":[164],"implemented":[169],"libraries":[171],"atop":[172],"mechanism":[174],"guarantees":[176],"safely":[181],"composed.":[182],"with":[186,199,212,221],"two":[187],"contributions.":[188],"First,":[189],"translation":[193,223],"lambdaRS":[195],"calculus":[198],"only":[200],"expressions.":[205],"Then,":[206],"taking":[207],"Python":[208],"these":[213],"constructs,":[214],"implement":[216],"together":[220],"library":[226],"typy,":[228],"static":[231],"Python.":[235]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2016,"cited_by_count":2},{"year":2014,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}