A certificate infrastructure for machine-checked proofs of conditional information flow
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Information assurance applications providing Multi-Level Secure (MLS) solutions must often implement information flow policies that are conditional, in the sense that data is allowed to flow between system components only when the system satisfies certain state predicates. However, existing specification and verification environments, such as SPARK, that are used to develop such applications are capable of capturing only unconditional information flows. Motivated by the need to better formally specify and certify MLS applications in industrial contexts, we present an enhancement of the SPARK system that enables specification, inference, and compositional checking of conditional information flow contracts. We report on the use of this framework for a collection of SPARK examples.