Our society's widespread dependence on networked information systems for everything from personal finance to military communications makes it essential to improve the reliability and security of software. Recently, programming-languages research has demonstrated that security concerns can be addressed by using both program analysis and program rewriting as powerful and flexible enforcement mechanisms. In this talk, I will describe Jif, a variant of Java that includes mechanisms for enforcing confidentiality and integrity security policies. These security policies are expressed in an extended type system that incorporates Myers' and Liskov's decentralized label model. In addition, Jif supports robust declassification, first-class labels and principals, and label polymorphism. I will describe Jif's design, the kinds of policies expressible in the label model, and some example programs. More information about Jif is available at http://www.cs.cornell.edu/jif. The Jif project is joint work with Andrew Myers, Lantian Zheng, and Nate Nystrom, all of Cornell University.