{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T13:58:13Z","timestamp":1775743093539,"version":"3.50.1"},"reference-count":43,"publisher":"Association for Computing Machinery (ACM)","issue":"OOPSLA1","license":[{"start":{"date-parts":[[2024,4,29]],"date-time":"2024-04-29T00:00:00Z","timestamp":1714348800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"NSF","award":["CSR-2106117, XPS-1629126, and CNS-2207202"],"award-info":[{"award-number":["CSR-2106117, XPS-1629126, and CNS-2207202"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Proc. ACM Program. Lang."],"published-print":{"date-parts":[[2024,4,29]]},"abstract":"<jats:p>Information flow control (IFC) provides confidentiality by enforcing noninterference, which ensures that high-secrecy values cannot affect low-secrecy values. Prior work introduces fine-grained IFC approaches that modify the programming language and use non-standard compilation tools, impose run-time overhead, or report false secrecy leaks\u2014all of which hinder adoption.  \n\t\t  \nThis paper presents Cocoon, a Rust library for static type-based IFC that uses the unmodified Rust language and compiler. The key insight of Cocoon lies in leveraging Rust\u2019s type system and procedural macros to establish an effect system that enforces noninterference. A performance evaluation shows that using Cocoon increases compile time but has no impact on application performance. To demonstrate Cocoon\u2019s utility, we retrofitted two popular Rust programs, the Spotify TUI client and Mozilla\u2019s Servo browser engine, to use Cocoon to enforce limited confidentiality policies<\/jats:p>","DOI":"10.1145\/3649817","type":"journal-article","created":{"date-parts":[[2024,4,29]],"date-time":"2024-04-29T17:53:50Z","timestamp":1714413230000},"page":"166-193","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Cocoon: Static Information Flow Control in Rust"],"prefix":"10.1145","volume":"8","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-9605-3999","authenticated-orcid":false,"given":"Ada","family":"Lamba","sequence":"first","affiliation":[{"name":"Ohio State University, Columbus, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-7873-9694","authenticated-orcid":false,"given":"Max","family":"Taylor","sequence":"additional","affiliation":[{"name":"Ohio State University, Columbus, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2373-7171","authenticated-orcid":false,"given":"Vincent","family":"Beardsley","sequence":"additional","affiliation":[{"name":"Ohio State University, Columbus, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-3136-0753","authenticated-orcid":false,"given":"Jacob","family":"Bambeck","sequence":"additional","affiliation":[{"name":"Ohio State University, Columbus, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8971-4944","authenticated-orcid":false,"given":"Michael D.","family":"Bond","sequence":"additional","affiliation":[{"name":"Ohio State University, Columbus, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6527-5994","authenticated-orcid":false,"given":"Zhiqiang","family":"Lin","sequence":"additional","affiliation":[{"name":"Ohio State University, Columbus, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,4,29]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/292540.292555"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3453483.3454074"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-88313-5_22"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1554339.1554353"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3139645.3139660"},{"key":"e_1_2_1_6_1","unstructured":"Edwin Brady. 2007. Idris. Archived from http:\/\/www-fp.cs.st-and.ac.uk\/ eb\/darcs\/Idris\/"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","unstructured":"Roderick Chapman and Adrian Hilton. 2004. Enforcing Security and Safety Models with an Information Flow Analysis Tool. In Proceedings of the 2004 Annual ACM SIGAda International Conference on Ada: The Engineering of Correct and Reliable Software for Real-Time & Distributed Systems Using Ada and Related Technologies (SIGAda \u201904). Association for Computing Machinery New York NY USA. 39\u201346. isbn:1581139063 https:\/\/doi.org\/10.1145\/1032297.1032305 10.1145\/1032297.1032305","DOI":"10.1145\/1032297.1032305"},{"key":"e_1_2_1_8_1","volume-title":"Expressive and Enforceable Information Security Policies. Ph. D. Dissertation","author":"Chong Stephen Nathaniel","unstructured":"Stephen Nathaniel Chong. 2008. Expressive and Enforceable Information Security Policies. Ph. D. Dissertation. Cornell University. \"http:\/\/people.seas.harvard.edu\/~chong\/pubs\/chong_dissertation.pdf\""},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3519939.3523445"},{"key":"e_1_2_1_10_1","volume-title":"The Computer Language 22.05 Benchmarks Game. https:\/\/benchmarksgame-team.pages.debian.net\/benchmarksgame\/index.html Accessed","author":"Debian","year":"2022","unstructured":"Debian benchmarksgame-team. 2022. The Computer Language 22.05 Benchmarks Game. https:\/\/benchmarksgame-team.pages.debian.net\/benchmarksgame\/index.html Accessed 2 November 2022"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/360051.360056"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/359636.359712"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-17138-4_3"},{"key":"e_1_2_1_14_1","volume-title":"Proceedings IEEE International Symposium on Secure Software Engineering. IEEE","author":"Hammer Christian","year":"2006","unstructured":"Christian Hammer, Jens Krinke, and Gregor Snelting. 2006. Information Flow Control for Java Based on Path Conditions in Dependence Graphs. In Proceedings IEEE International Symposium on Secure Software Engineering. IEEE, Arlington, Virginia, USA. 10 pages."},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","unstructured":"Daniel Hedin and Andrei Sabelfeld. 2012. A Perspective on Information-Flow Control. In Software Safety and Security - Tools for Analysis and Verification Tobias Nipkow Orna Grumberg and Benedikt Hauptmann (Eds.) (NATO Science for Peace and Security Series - D: Information and Communication Security Vol. 33). IOS Press Amsterdam. 319\u2013347. https:\/\/doi.org\/10.3233\/978-1-61499-028-4-319 10.3233\/978-1-61499-028-4-319","DOI":"10.3233\/978-1-61499-028-4-319"},{"key":"e_1_2_1_16_1","volume-title":"Schneider","author":"Kozyri Elisavet","year":"2016","unstructured":"Elisavet Kozyri, Owen Arden, Andrew C. Myers, and Fred B. Schneider. 2016. JRIF: reactive information flow control for Java. Cornell University Computing and Information Science. https:\/\/ecommons.cornell.edu\/handle\/1813\/41194"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294293"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","unstructured":"Ada Lamba Max Taylor Vincent Beardsley Jacob Bambeck Michael D. Bond and Zhiqiang Lin. 2024. Cocoon artifact. https:\/\/doi.org\/10.5281\/zenodo.10798978 10.5281\/zenodo.10798978","DOI":"10.5281\/zenodo.10798978"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/362375.362389"},{"key":"e_1_2_1_20_1","unstructured":"Linux Foundation. 2022. Servo. https:\/\/servo.org"},{"key":"e_1_2_1_21_1","unstructured":"Mozilla Research. 2020. The Rust Language. Archived from https:\/\/research.mozilla.org\/rust\/"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.2004.1310740"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/292540.292561"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/268998.266669"},{"key":"e_1_2_1_25_1","unstructured":"Andrew C. Myers Lantian Zheng Steve Zdancewic Stephen Chong and Nathaniel Nystrom. 2006. Jif 3.0: Java information flow. http:\/\/www.cs.cornell.edu\/jif"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/3489212.3489252"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-48092-7_6"},{"key":"e_1_2_1_28_1","unstructured":"Noel. 2010. The Rust Language. http:\/\/lambda-the-ultimate.org\/node\/4009"},{"key":"e_1_2_1_29_1","volume-title":"Making Computers Keep Secrets. Ph. D. Dissertation","author":"Rotenberg Leo J.","unstructured":"Leo J. Rotenberg. 1973. Making Computers Keep Secrets. Ph. D. Dissertation. Massachusetts Institute of Technology. Boston, MA."},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542484"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2784731.2784756"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806121"},{"key":"e_1_2_1_33_1","volume-title":"The Flow Caml System: documentation and user\u2019s manual","author":"Simonet Vincent","unstructured":"Vincent Simonet. 2003. The Flow Caml System: documentation and user\u2019s manual. Institut National de Recherche en Informatique et en Automatique (INRIA). \u00a9 INRIA"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/268946.268975"},{"key":"e_1_2_1_35_1","unstructured":"Stack Overflow. 2022. Annual Developer Survey. https:\/\/survey.stackoverflow.co\/2022\/"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3591250"},{"key":"e_1_2_1_37_1","unstructured":"The Rust Foundation. 2022. Prodution Users \u2014 Rust Programming Language. https:\/\/www.rust-lang.org\/production\/users"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.5555\/353629.353648"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00002"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2245276.2231983"},{"key":"e_1_2_1_41_1","volume-title":"Myers","author":"Zdancewic Steve","year":"2000","unstructured":"Steve Zdancewic and Andrew C. Myers. 2000. Confidentiality and Integrity with Untrusted Hosts: Technical Report. Cornell University."},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/1387589.1387610"},{"key":"e_1_2_1_43_1","volume-title":"Myers","author":"Zheng Lantian","year":"2005","unstructured":"Lantian Zheng and Andrew C. Myers. 2005. Dynamic Security Labels and Noninterference (Extended Abstract). In Formal Aspects in Security and Trust, Theo Dimitrakos and Fabio Martinelli (Eds.). Springer US, Boston, MA. 27\u201340. isbn:978-0-387-24098-5"}],"container-title":["Proceedings of the ACM on Programming Languages"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3649817","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3649817","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:54:06Z","timestamp":1750287246000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3649817"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,29]]},"references-count":43,"journal-issue":{"issue":"OOPSLA1","published-print":{"date-parts":[[2024,4,29]]}},"alternative-id":["10.1145\/3649817"],"URL":"https:\/\/doi.org\/10.1145\/3649817","relation":{},"ISSN":["2475-1421"],"issn-type":[{"value":"2475-1421","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,4,29]]},"assertion":[{"value":"2024-04-29","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}