Professor Schneider states that until now, computer security has been reactive; when hackers discover a way in, we patch it.
"Our defenses improve only after they have been successfully penetrated," he explained.
Fabric's programming language, an extension of the widely used Java language, builds in security as the program is written. Fabric is still a prototype, being tested on a database of Cornell computer science students.
Schneider and Myers plan to scale it up for very large distributed systems, provide for more complex security restrictions on objects and enable "mobile code" — programs that can reside on one node of a network and be run on another with assurance that they are safe and do what they claim to do. And perhaps most important (and perhaps hardest), they hope to provide formal mathematical proof that a system is really secure.
See article in Dr. Dobb's, The World of Software Development.