These guys have the right idea: a programming language that won't allow you to write insecure code. That language goes by the handle Fabric, and is currently under development by Cornell University's Applied Programming Languages Group (APLG).
Distributed computing systems comprise many interconnected nodes, and the level of trustworthiness varies across this landscape. The approach taken in Fabric is to attach security policies, by means of type annotations, to every object, and even to blocks of code. An object's policies control what operations may be performed on it, and so how its data can be accessed and changed, as well as by whom. Code policies determine where and when a particular block of code can be run.
As the APLG page puts it, "Fabric provides decentralized yet compositional security." High availability is provided using peer-to-peer replication. The new language is implemented on top of an earlier security-oriented/extended language called Jif ("Java + Information Flow"), itself compiled in Polyglot Java, so it inherits many features crucial for language-based reasoning about security in complex applications (selective, robust downgrading; language-based access control; dynamic labels; dynamic principals). Fabric also adds a guarantee of strong consistency, with the help of a hierarchical, two-phase commit protocol, respecting data security.
Version 0.1.0 of the Fabric prototype is available for download here: