A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
Timing- and Termination-Sensitive Secure Information Flow: Exploring a New Approach
2011
2011 IEEE Symposium on Security and Privacy
Preserved Fulltext
The goal of this paper is to understand the subtleties of timing-and termination-sensitive noninterference, explore the space of possible strategies for enforcing noninterference guarantees, and formalize ...
Secure information flow guarantees the secrecy and integrity of data, preventing an attacker from learning secret information (secrecy) or injecting untrusted information (integrity). ...
Acknowledgements: We thank Frank Piessens, Dominique Devriese, and the anonymous reviewers for their comments on this paper. ...
doi:10.1109/sp.2011.19
dblp:conf/sp/KashyapWH11
fatcat:o7humqfjafcwjc2zwfk2q5kjdm
Language-based information-flow security
2003
IEEE Journal on Selected Areas in Communications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2008; you can also visit the original URL.
The file type is application/pdf.
Recently, a promising new approach has been developed: the use of programming-language techniques for specifying and enforcing information-flow policies. ...
Conventional security mechanisms such as access control and encryption do not directly address the enforcement of information-flow policies. ...
Hicks for helpful comments and the anonymous reviewers for useful feedback. ...
doi:10.1109/jsac.2002.806121
fatcat:elktqhzkyfcqhb7kcghzi4j3pe
Information Flow Security Certification for SPARK Programs
[chapter]
2020
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
In this paper, we propose an analysis to find information flow leaks in a SPARK program using a Dynamic Labelling (DL) approach for multi-level security (MLS) programs and describe an effective algorithm ...
SPARK platform performs a rigorous data/information flow analysis to ensure the safety and reliability of a program. ...
[17] was the first exploration towards the flow security in SPARK programs with the focus on termination-and progresssensitive information leaks. ...
doi:10.1007/978-3-030-49669-2_8
fatcat:4gpq2ipeobglvpt3qowed6fcem
Tracking Information Flow in Dynamic Tree Structures
[chapter]
2009
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
This paper explores the problem of tracking information flow in dynamic tree structures. ...
However, there is more to information flow in a script that runs in a browser than simple data and control-flow dependency. ...
The paper has benefited from the comments of Christopher Kruegel, Peeter Laud, and the anonymous reviewers. This work was funded by the Swedish research agencies SSF and VR. ...
doi:10.1007/978-3-642-04444-1_6
fatcat:si47qnsfjrha5i4h3dguwv3oia
A Taxonomy of Information Flow Monitors
[chapter]
2016
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We analyse five widely explored information flow monitors: no-sensitiveupgrade (NSU), permissive-upgrade (PU), hybrid monitor (HM), secure multi-execution (SME), and multiple facets (MF). ...
We propose a rigorous comparison of information flow monitors with respect to two dimensions: soundness and transparency. ...
definition of TANI, and anonymous reviewers for feedback that helped to improve this paper. ...
doi:10.1007/978-3-662-49635-0_3
fatcat:qpfhbta57vdrrnjv3pjif53rii
Capabilities for information flow
2011
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security - PLAS '11
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is application/pdf.
This paper presents a capability-based mechanism for permissive yet secure enforcement of information-flow policies. ...
We present formal guarantees of security and permissiveness and report on experiments to enforce information-flow policies for web applications using Caja. ...
Arnar Birgisson is a recipient of the Google Europe Fellowship in Computer Security, and this research is supported in part by this Google Fellowship. ...
doi:10.1145/2166956.2166961
dblp:conf/pldi/BirgissonRS11
fatcat:whq4xzirhnggbkcinhifg5pzfi
Permissive dynamic information flow analysis
2010
Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security - PLAS '10
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
A key challenge in dynamic information flow analysis is handling implicit flows, where code conditional on a private variable updates a public variable x. ...
This permissiveupgrade strategy is more flexible than the prior approaches such as the no-sensitive-upgrade check. ...
CONCLUSION We present a permissive-upgrade semantics that tracks information flow in a more flexible manner than prior dynamic approaches, using a new label (P ) to permit partially leaked data without ...
doi:10.1145/1814217.1814220
dblp:conf/pldi/AustinF10
fatcat:kifky4vjy5bmxc74qsa4ny6yxu
We Are Family: Relating Information-Flow Trackers
[chapter]
2017
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
While information-flow security is a well-established area, there is an unsettling gap between heavyweight information-flow control, with formal guarantees yet limited practical impact, and lightweight ...
This paper proposes a framework for exploring the middle ground in the range of enforcement from tainting (tracking data flows only) to fully-fledged information-flow control (tracking both data and control ...
Acknowledgments This work was partly funded by the European Community under the ProSecuToR project and the Swedish research agency VR. ...
doi:10.1007/978-3-319-66402-6_9
fatcat:rntfzahwurdnpotvcyqagvxyvq
Stateless Code Model Checking of Information Flow Security
[article]
2016
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
In this paper, we propose a new method for verifying information flow security in concurrent programs. For the first time, we use stateless code model checking to verify observational determinism. ...
Observational determinism is a security property that characterizes secure information flow for multithreaded programs. ...
Type-based approach is insensitive to control flow and rejects many secure programs. ...
arXiv:1603.03533v1
fatcat:ifg37ha67bfxdken2xoahvnm5q
Information Flow Monitor Inlining
2010
2010 23rd IEEE Computer Security Foundations Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We show how to inline an information flow monitor, specifically a flow sensitive one previously proved to enforce termination insensitive noninterference. ...
In recent years it has been shown that dynamic monitoring can be used to soundly enforce information flow policies. ...
Acknowledgments: Ale Russo and Andrei Sabelfeld kindly shared drafts of their work and discussed it with us. Cormac Flanagan shared unpublished work on "no sensitive upgrade". ...
doi:10.1109/csf.2010.21
dblp:conf/csfw/ChudnovN10
fatcat:6lcqykyuonb5daxgtfk6yhqcqu
Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs
2009
International Journal of Information Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
PDGs have been developed over the last 20 years as a standard device to represent information flow in a program, and today can handle realistic programs. ...
We then augment PDGs with a lattice of security levels and introduce the flow equations for IFC. We describe algorithms for flow computation in detail and prove their correctness. ...
Acknowledgements We thank Jens Krinke, who contributed to previous versions of this work, for ongoing discussions on IFC; and Frank Nodes for implementing the Eclipse integration. ...
doi:10.1007/s10207-009-0086-1
fatcat:ziiyafhqn5ed3epewrob2atp5u
Foundations for Parallel Information Flow Control Runtime Systems
[chapter]
2019
Research Series on the Chinese Dream and China's Development Path
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We present the foundations for a new dynamic information flow control (IFC) parallel runtime system, LIOPAR. ...
We prove that LIOPAR is secure, i.e., it satisfies progress-and timing-sensitive non-interference, even when exposing clock and heap-statistics APIs. ...
Introduction Language-level dynamic information flow control (IFC) is a promising approach to building secure software systems. ...
doi:10.1007/978-3-030-17138-4_1
dblp:conf/post/VassenaSACRS19
fatcat:yyvea7dydrd75bhyycsgxbn3iy
Quantitative information flow as network flow capacity
2008
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation - PLDI '08
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We present a new technique for determining how much information about a program's secret inputs is revealed by its public outputs. ...
In contrast to previous techniques based on reachability from secret inputs (tainting), it achieves a more precise quantitative result by computing a maximum flow of information between the inputs and ...
Acknowledgments This research was supported in part by DARPA under contracts FA8750-06-2-0189 and HR0011-06-1-0017, and by an NSF grant CCR-0133580. ...
doi:10.1145/1375581.1375606
dblp:conf/pldi/McCamantE08
fatcat:fbstuhgt2vdvlagskjekgcha24
Quantitative information flow as network flow capacity
2008
SIGPLAN notices
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We present a new technique for determining how much information about a program's secret inputs is revealed by its public outputs. ...
In contrast to previous techniques based on reachability from secret inputs (tainting), it achieves a more precise quantitative result by computing a maximum flow of information between the inputs and ...
Acknowledgments This research was supported in part by DARPA under contracts FA8750-06-2-0189 and HR0011-06-1-0017, and by an NSF grant CCR-0133580. ...
doi:10.1145/1379022.1375606
fatcat:mzghmfy4lrcm3mogb7zc37p3ki
25 million flows later
2013
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
context-sensitive exploit generation approach. ...
high impact representative of such security issues. ...
Acknowledgments This work was in parts supported by the EU Projects Web-Sand (FP7-256964) and STREWS (FP7-318097). The support is gratefully acknowledged. ...
doi:10.1145/2508859.2516703
dblp:conf/ccs/LekiesSJ13
fatcat:hulksuxs4neglgugpd5xbsz5ce
« Previous
Showing results 1 — 15 out of 64,121 results