Alejandro Russo [Chalmers University of

Alejandro Russo
Associate Professor
Department of Computer Science and Engineering
Chalmers University of Technology

Phone: +46 31 772 1098
Fax: +46 31 772 3663
Office: EDIT 5480
Postal address: EDIT Bldg., Rännvägen 6B, 41296 Gothenburg, Sweden

Research manifesto:
Language-based information-flow security technology (IFS) is a research area based on an innovative fusion of programming language technology and computer security. IFS inspects the code of applications in order to limit the propagation of information, thereby permitting to preserve confidentiality and integrity of data. Different from IFS, traditional security mechanisms like access control, anti-virus, and firewalls are unable to satisfactory preserve the secrecy of data, e.g., access controls provide no guarantees about how data is used once access is granted. Historically, IFS was thought and conceived for military scenarios but it has recently emerged as a promising technology that can solved the insecurities of web applications (e.g, cross-site scripting) and allows the safe execution of third-party code. My research combines two research areas: IFS and functional programming (FP). Although these areas have been combined in the past, we focus on designing sound security libraries that, when used, provide IFS. To achieve that, I apply well-established concepts from FP (e.g, monads), program semantics, type-systems, and execution monitoring. Although FP facilitates the design of mechanisms for IFS, it is not enough per se to solve every security problem that might compromise the confidentiality or integrity of data. I believe that FP facilitates to address some of the open challenges of IFS, several of them neglected by several of the state-of-the-art IFS tools, that thus pushing forward this technology to provide solutions for modern applications.


Events organizer

PC member for

Reviewer for

PhD committee member for:


Graduated Master Students

  • Juan Jose Conti (2012): A Taint Mode for Python via a Library. ( More )
  • Albert Disertholf (2009/2010): Providing Integrity Policies as a Library in Haskell. ( More )
  • Ta-Chung Tsai (2007): Encoding Multithreaded Information Flow in Haskell. ( More )



  • Blog
  • YouTube channel (scuba/free diving)
  • eXTReMe Tracker


Google Scholar Profile