4th Annual Symposium on Theoretical Aspects of Computer Sciences on STACS 87
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Information flow inference for free
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
ACM Transactions on Information and System Security (TISSEC)
A sound type system for secure flow analysis
Journal of Computer Security
Information flow inference for ML
ACM Transactions on Programming Languages and Systems (TOPLAS)
A Per Model of Secure Information Flow in Sequential Programs
Higher-Order and Symbolic Computation
Partial Evaluation and Non-inference for Object Calculi
FLOPS '99 Proceedings of the 4th Fuji International Symposium on Functional and Logic Programming
Information transmission in computational systems
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
A General Theory of Composition for Trace Sets Closed under Selective Interleaving Functions
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Foundations for the run-time analysis of software systems
Foundations for the run-time analysis of software systems
The inlined reference monitor approach to security policy enforcement
The inlined reference monitor approach to security policy enforcement
Detecting and Debugging Insecure Information Flows
ISSRE '04 Proceedings of the 15th International Symposium on Software Reliability Engineering
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Stack-based access control and secure information flow
Journal of Functional Programming
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Certified In-lined Reference Monitoring on .NET
Proceedings of the 2006 workshop on Programming languages and analysis for security
Enforcing non-safety security policies with program monitors
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Secure slices of insecure programs
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A library for light-weight information-flow security in haskell
Proceedings of the first ACM SIGPLAN symposium on Haskell
Securing information flow via dynamic capture of dependencies
Journal of Computer Security - 20th IEEE Computer Security Foundations Symposium (CSF)
Termination-Insensitive Noninterference Leaks More Than Just a Bit
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Efficient purely-dynamic information flow analysis
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
A language for information flow: dynamic tracking in multiple interdependent dimensions
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Information flow testing: the third path towards confidentiality guarantee
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Tracking information flow in dynamic tree structures
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Permissive dynamic information flow analysis
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Restricted delegation and revocation in language-based security: (position paper)
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Information flow enforcement in monadic libraries
Proceedings of the 7th ACM SIGPLAN workshop on Types in language design and implementation
Engineering secure future internet services
The future internet
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
A multi-compositional enforcement on information flow security
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Multiple facets for dynamic information flow
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Limiting information leakage in event-based communication
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Capabilities for information flow
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
From dynamic to static and back: riding the roller coaster of information-flow control research
PSI'09 Proceedings of the 7th international Andrei Ershov Memorial conference on Perspectives of Systems Informatics
On-the-Fly inlining of dynamic dependency monitors for secure information flow
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Static enforcement of information flow policies for a concurrent JVM-like language
TGC'11 Proceedings of the 6th international conference on Trustworthy Global Computing
A low-overhead, value-tracking approach to information flow security
SEFM'12 Proceedings of the 10th international conference on Software Engineering and Formal Methods
Monitoring temporal information flow
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
Hi-index | 0.00 |
Non-interference is typically used as a baseline security policy to formalize confidentiality of secret information manipulated by a program. In contrast to static checking of non-interference, this paper considers dynamic, automaton-based, monitoring of information flow for a single execution of a sequential program. The monitoring mechanism is based on a combination of dynamic and static analyses. During program execution, abstractions of program events are sent to the automaton, which uses the abstractions to track information flows and to control the execution by forbidding or editing dangerous actions. The mechanism proposed is proved to be sound, to preserve executions of well-typed programs (in the security type system of Volpano, Smith and Irvine), and to preserve some safe executions of ill-typed programs.