Maintaining Database Integrity with Refinement Types

Taking advantage of recent advances in automated theorem proving, we present a new method for determining whether database transactions preserve integrity constraints. We consider check constraints and referential-integrity constraints, extracted from SQL table declarations, together with application-level invariants expressed as formulas of first-order logic. Our motivation is to apply static analysis to database transactions either at development time, to catch bugs early, or at deployment time, so that only integrity-preserving stored procedures are accepted. We work in the setting of a functional multi-tier language, in which functional code is compiled to SQL that queries and updates a relational database. We use refinement types to track constraints on data and on the underlying database. Our analysis uses a refinement-type checker, which relies on recent, highly efficient SMT algorithms to discharge proof obligations. Our method is based on a list-processing semantics for an SQL fragment within the functional language, and is illustrated by a series of examples.
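To make the setting concrete, the following is an added example and not code from the paper: tables are modelled as lists of row dicts (the list-processing view of SQL the abstract refers to), the three kinds of constraint (a CHECK constraint, a foreign key, and an application-level first-order invariant) are predicates over a whole database state, and transactions are functions from a state to a new state that may abort. In place of the paper's SMT-backed refinement-type checker it uses bounded exhaustive enumeration over a small constructed domain, which is enough to exhibit a transaction that breaks integrity and to confirm that its guarded version does not. The customer/orders schema, the transactions, and the enumerated domain are all assumptions made for the example.

```python
"""Bounded check that transactions preserve database integrity constraints.

Assumed schema (not from the paper): customer(id), orders(id, cust, qty).
Tables are lists of row dicts; constraints are predicates over a whole state.
"""
import copy
from itertools import product
from typing import Callable, Dict, List

DB = Dict[str, List[dict]]          # table name -> rows
Constraint = Callable[[DB], bool]   # predicate over the whole database


class Abort(Exception):
    """Raised by a transaction that refuses to commit (state left unchanged)."""


# --- the three kinds of constraint the abstract mentions ---------------------
def check_constraint(table: str, row_pred: Callable[[dict], bool]) -> Constraint:
    """SQL CHECK constraint: every row of `table` satisfies `row_pred`."""
    return lambda db: all(row_pred(r) for r in db[table])


def foreign_key(child: str, col: str, parent: str, pcol: str) -> Constraint:
    """Referential integrity: each child.col value occurs as some parent.pcol."""
    return lambda db: all(any(r[col] == p[pcol] for p in db[parent]) for r in db[child])


def unique_ids(table: str) -> Constraint:
    """Application-level invariant as a first-order formula:
    forall r1, r2 in table. r1.id = r2.id -> r1 = r2."""
    return lambda db: len({r["id"] for r in db[table]}) == len(db[table])


CONSTRAINTS: List[Constraint] = [
    check_constraint("orders", lambda r: r["qty"] > 0),   # CHECK (qty > 0)
    foreign_key("orders", "cust", "customer", "id"),      # FOREIGN KEY (cust)
    unique_ids("orders"),                                 # orders.id is unique
]


# --- transactions: an unguarded and a guarded version of each ----------------
def place_order_unchecked(db: DB, oid: int, cust: int, qty: int) -> DB:
    db["orders"].append({"id": oid, "cust": cust, "qty": qty})
    return db


def place_order(db: DB, oid: int, cust: int, qty: int) -> DB:
    # Guard exactly the constraints an INSERT into orders can break.
    if qty <= 0:
        raise Abort("CHECK (qty > 0)")
    if not any(c["id"] == cust for c in db["customer"]):
        raise Abort("no such customer")
    if any(o["id"] == oid for o in db["orders"]):
        raise Abort("duplicate order id")
    return place_order_unchecked(db, oid, cust, qty)


def delete_customer_unchecked(db: DB, cid: int) -> DB:
    db["customer"] = [c for c in db["customer"] if c["id"] != cid]
    return db   # may leave orders that reference the deleted customer


def delete_customer(db: DB, cid: int) -> DB:
    if any(o["cust"] == cid for o in db["orders"]):
        raise Abort("customer still referenced by orders")
    return delete_customer_unchecked(db, cid)


# --- bounded checker ---------------------------------------------------------
def all_states() -> List[DB]:
    """Every database over a small constructed domain (2 customers x 4 orders)."""
    custs = [{"id": 1}, {"id": 2}]
    orders = [{"id": 10, "cust": 1, "qty": 1}, {"id": 11, "cust": 2, "qty": 1},
              {"id": 12, "cust": 3, "qty": 1}, {"id": 13, "cust": 1, "qty": 0}]
    states = []
    for cmask, omask in product(product([0, 1], repeat=2), product([0, 1], repeat=4)):
        states.append({"customer": [c for c, m in zip(custs, cmask) if m],
                       "orders": [o for o, m in zip(orders, omask) if m]})
    return states


def counterexamples(tx, args_list, constraints=CONSTRAINTS, states=None):
    """(pre, args, post) triples where tx committed on a consistent pre-state
    and produced a post-state violating at least one constraint."""
    bad = []
    for pre in (states if states is not None else all_states()):
        if not all(c(pre) for c in constraints):
            continue                  # only start from a consistent database
        for args in args_list:
            try:
                post = tx(copy.deepcopy(pre), *args)
            except Abort:
                continue              # an aborted transaction preserves everything
            if not all(c(post) for c in constraints):
                bad.append((pre, args, post))
    return bad


PLACE_ARGS = list(product([10, 99], [1, 3], [0, 1]))   # (oid, cust, qty)
DELETE_ARGS = [(1,), (2,)]                              # (cid,)

if __name__ == "__main__":
    for name, tx, args in [("place_order_unchecked", place_order_unchecked, PLACE_ARGS),
                           ("place_order", place_order, PLACE_ARGS),
                           ("delete_customer_unchecked", delete_customer_unchecked, DELETE_ARGS),
                           ("delete_customer", delete_customer, DELETE_ARGS)]:
        print(f"{name}: {len(counterexamples(tx, args))} violating runs")
```

The guarded transactions are the analogue of what a refinement-type checker would accept: each guard is precisely the proof obligation that an unguarded insert or delete fails to discharge, and an `Abort` corresponds to a rollback, which trivially preserves every invariant. Bounded enumeration only finds bugs inside the chosen domain, whereas the SMT-based approach in the abstract proves preservation for all states.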
