Fabric is a high-level programming language for building open distributed applications with strong security. Fabric enables securely computing and storing information, and sharing code and data across trust boundaries. It is being developed by the Applied Programming Languages Group at Cornell University.
Fabric presents a single-system image of all resources that can be named by it, making programming easy. It is a decentralized system with no central security enforcement mechanism, yet it provides security guarantees to mutually distrusting users. The key to strong, compositional information security guarantees is the use of information flow control.
Fabric's programming language, based on Jif, controls the placement of computation and data through type annotations that set policies for information security. Using information flow control, Fabric also makes mobile code secure. Strong consistency is ensured through a hierarchical two-phase commit protocol that respects information security. Fabric also leverages peer-to-peer replication to provide high availability.
Sign up for news about Fabric!
In addition to the downloads below, the full history of Fabric releases is also available on GitHub:
Fabric 0.2.2 (July 2014) has support for local deadlock detection, bug fixes, and performance improvements. There is also a branch of 0.2.2 that additionally incorporates support for state warranties, as described in our NSDI 2014 paper.
|June 2013||Reference manual||ChangeLog|
|October 2012||Reference manual||ChangeLog|
Related group publications
28th IEEE Symp. on Computer Security Foundations (CSF'15), July 2015. Owen Arden, Jed Liu, and Andrew C. Myers.
- A language-based approach to secure quorum replication9th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS 2014), July 2014. Lantian Zheng and Andrew C. Myers.
- Defining and enforcing referential security3rd Conference on Principles of Security and Trust (POST'14), pp. 199–219, April 2014. Jed Liu and Andrew C. Myers.
- Warranties for faster strong consistency11th USENIX Symposium on Networked Systems Design and Implementation (NSDI'14), pp. 503–517, April 2014. Jed Liu, Tom Magrino, Owen Arden, Michael D. George, and Andrew C. Myers.
- Language-based control and mitigation of timing channelsProceedings of the 2012 ACM Conference on Programming Language Design and Implementation (PLDI'12), pp. 99–110, June 2012. Danfeng Zhang, Aslan Askarov, and Andrew C. Myers.
- Sharing mobile code securely with information flow controlProc. 33rd IEEE Symposium on Security and Privacy (Oakland'12), pp. 192–205, May 2012. Owen Arden, Michael D. George, Jed Liu, K. Vikram, Aslan Askarov, and Andrew C. Myers.
- Attacker control and impact for confidentiality and integrityLogical Methods in Computer Science, 7(3), September 2011. Aslan Askarov and Andrew C. Myers.
- Predictive mitigation of timing channels in interactive systemsProceedings of the 18th ACM Conference on Computer and Communications Security (CCS'11), pp. 563–574, October 2011. Danfeng Zhang, Aslan Askarov, and Andrew C. Myers.
- Predictive black-box mitigation of timing channelsProceedings of the 17th ACM Conference on Computer and Communications Security (CCS'10), pp. 297–307, October 2010. Aslan Askarov, Danfeng Zhang, and Andrew C. Myers.
- Towards a secure federated information system. Ph.D. thesis, Cornell University Department of Computer Science, August 2012. Jed Liu.
- Fabric: A platform for secure distributed computation and storageProc. 22nd ACM Symposium on Operating Systems Principles (SOSP'09), pp. 321–334, October 2009. Jed Liu, Michael D. George, K. Vikram, Xin Qi, Lucas Waye, and Andrew C. Myers.
Past contributorsThe development of Fabric has been supported by a number of funding sources, including NSF awards 0627649 and CCF-0964409; TRUST (Team for Research in Ubiquitous Secure Technology), which receives support from the NSF (CCF-0424422); ONR awards N00014-09-1-0652 and N00014-13-1-0089; and Air Force Research Laboratory award FA8750-08-2-0079. Fabric is also supported by a free open-source JProfiler license. This work does not necessarily represent the opinions, expressed or implied, of any of these sponsors.
- A language-based approach to secure quorum replication