Michael Gaiman

$ython

$ython (pronounced Sython) adds the ability to specify certain variables in the Python programming language as secure. The values of these secure variables are restricted and stored securely in memory. This protects sensitive data from malicious attackers and provides a higher level of assured security. Access to the values of the data can only be gained via special python commands. $ython consists of three main modules: the $ython main module, the modified Python interpreter module (known as the Python module) and the sandbox module. $ython will be a standalone application that embeds a modified version of Python. It features a plug-in based architecture to allow the way data is secured in memory to vary with the application. The Python module modifies the core language to add support for secure types and secure blocks of instructions. A dollar sign ($) is used to denote a variable as secure. The sandbox module is where the secure data is actually stored. It is responsible for protecting the data in memory and for granting access to the secure data values. This is done via a plug-in system because not all data is equally sensitive. A plug-in system allows the application developer to find the desired balance between security and performance.