We address the problem of analyzing programs such as J2ME midlets for mobile devices, where a central correctness requirement concerns confidentiality of data that the user wants to keep secret. Existing software model checking tools analyze individual program executions, and are not applicable to checking confidentiality properties that require reasoning about equivalence among executions. We develop an automated analysis technique for such properties. We show that both over- and under-approximation are needed for sound analysis. Given a program and a confidentiality requirement, our technique produces a formula that is satisfiable if the requirement holds. We evaluate the approach by analyzing bytecode of a set of Java (J2ME) methods.
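The central point of the abstract, that confidentiality is a property of pairs of executions rather than of any single execution, can be seen on a toy example. The Python below is an added illustration, not code from the paper or its tool: the two "midlet-style" methods, the input ranges and the exhaustive two-run comparison are all constructed here to stand in for the equivalence-among-executions reasoning the abstract describes; it does not reproduce the paper's formula generation or its over-/under-approximation.

```python
# Added example, not from the paper: a confidentiality (noninterference) check
# needs pairs of executions. Both methods below are constructed toys, and the
# input ranges are chosen only to keep exhaustive enumeration small.
from typing import Callable, Iterable, Optional, Tuple

Method = Callable[[int, int], int]  # (public_input, secret_pin) -> observable output

PUBLICS = range(0, 10)            # constructed: attacker-visible input
SECRETS = range(0, 10000, 500)    # constructed: the user's secret PIN


def balance_digits_safe(public: int, secret: int) -> int:
    """Constructed: the observable result depends on the public input only."""
    return (public * 7) % 100


def balance_digits_leaky(public: int, secret: int) -> int:
    """Constructed: a branch on the secret makes one bit of it observable."""
    if secret > 5000:
        return (public * 7) % 100
    return (public * 7 + 1) % 100


def single_trace_safe(m: Method, publics: Iterable[int], secrets: Iterable[int]) -> bool:
    """A conventional one-execution-at-a-time safety check: every run yields a
    well-formed (in-range) result. This is the kind of property a standard
    software model checker handles, and it cannot see an information leak."""
    return all(0 <= m(p, s) < 100 for p in publics for s in secrets)


def interference_witness(m: Method, publics: Iterable[int],
                         secrets: Iterable[int]) -> Optional[Tuple[int, int, int]]:
    """Noninterference, a property of two runs: executions that agree on the
    public input must produce the same observable output. Returns a witness
    (public, secret_a, secret_b) whose outputs differ, or None if none exists."""
    secrets = list(secrets)
    if not secrets:
        return None
    for p in publics:
        first_secret, first_out = secrets[0], m(p, secrets[0])
        for s in secrets[1:]:
            if m(p, s) != first_out:
                return (p, first_secret, s)
    return None


def noninterferent(m: Method, publics: Iterable[int] = PUBLICS,
                   secrets: Iterable[int] = SECRETS) -> bool:
    return interference_witness(m, publics, secrets) is None


if __name__ == "__main__":
    for name, m in (("safe", balance_digits_safe), ("leaky", balance_digits_leaky)):
        print(name,
              "single-trace safe:", single_trace_safe(m, PUBLICS, SECRETS),
              "noninterferent:", noninterferent(m),
              "witness:", interference_witness(m, PUBLICS, SECRETS))
```

Both methods pass the single-trace check, so a tool that only inspects one execution at a time reports nothing; the leaky one is rejected only once two runs with the same public input and different secrets are compared. Exhaustive enumeration works here because the domains are tiny; for real bytecode the same two-run question has to be answered symbolically, which is what the abstract's formula-based technique is for.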