Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A sound type system for secure flow analysis
Journal of Computer Security
A fast algorithm for finding dominators in a flowgraph
ACM Transactions on Programming Languages and Systems (TOPLAS)
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Java Virtual Machine Specification
Java Virtual Machine Specification
Checking secure interactions of smart card applets: extended version
Journal of Computer Security - Special issue on ESORICS 2000
Mostly-static decentralized information flow control
Mostly-static decentralized information flow control
Secure Information Flow by Self-Composition
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Software—Practice & Experience
On flow-sensitive security types
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Building an "impossible" verifier on a java card
WIESS'02 Proceedings of the 2nd conference on Industrial Experiences with Systems Software - Volume 2
Information flow analysis for java bytecode
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Secure information flow as a safety problem
SAS'05 Proceedings of the 12th international conference on Static Analysis
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
On Practical Information Flow Policies for Java-Enabled Multiapplication Smart Cards
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
An information flow verifier for small embedded systems
WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
A sound analysis for secure information flow using abstract memory graphs
FSEN'09 Proceedings of the Third IPM international conference on Fundamentals of Software Engineering
Non-interference on UML state-charts
TOOLS'12 Proceedings of the 50th international conference on Objects, Models, Components, Patterns
| Hi-index | 0.00 |
Pervasive computing is the next generation of computing environments. As a result more and more applications are dynamically deployed on a growing set of small safe devices. Applications delivered by different vendors may share code and data while they may not trust one another. We present an information flow analysis for full Java bytecode adapted for applications dedicated to embedded systems. Existing techniques are not well adapted to this domain and are often too complex. To ease embedded operations and reduce overhead, an external static analysis is performed initially, and the results are embedded as annotations within the code and certified at loading time. In contrast with other analysis techniques, our model supports dynamic class loading. We evaluated our model on a business case study involving an electronic wallet for air miles storage and management from the literature. We obtained the same results as the other papers but under more restrictive conditions related to inherent characteristics of embedded environments.