Flame is a library and plugin for the Glasgow Haskell Compiler (GHC) that enforces information security policies in Haskell programs. In Flame, sensitive information is protected by monad-like types that specify how information may flow according to the Flow-Limited Authorization Model. The operations of these Flame monads implement the type system constraints of the Flow-Limited Authorization Calculus (FLAC).

Code and demos

All code for Flame is publically available in our Bitbucket repositories. Pull requests welcome!
We have also built some example applications using Flame.

Related publications

  • Nonmalleable Information Flow Control (CCS - October 2017)
    Ethan Cecchetti, Andrew C. Myers, Owen Arden
    A new 4-safety hyperproperty for secure declassification and endorsement and a type system for enforcing it.
  • A Calculus for Flow-Limited Authorization (CSF - June 2016)
    Owen Arden, Andrew C. Myers
    A core programming model that uses flow-limited authorization to provide end-to-end information security to dynamic authorization mechanisms and programs that use them. (Corrected from original CSF'16 submission in September, 2017)
  • Flow-Limited Authorization (CSF - July 2015)
    Owen Arden, Jed Liu, Andrew C. Myers
    A new model that unifies authorization and information flow to enforce dynamic policies robustly and without side-channels.

Project members