Information-flow and data-flow analysis of while-programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Computational lambda-calculus and monads
Proceedings of the Fourth Annual Symposium on Logic in computer science
Interprocedural slicing using dependence graphs
ACM Transactions on Programming Languages and Systems (TOPLAS)
A sound type system for secure flow analysis
Journal of Computer Security
An Axiomatic Approach to Information Flow in Programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Certification of programs for secure information flow
Communications of the ACM
Information flow inference for ML
ACM Transactions on Programming Languages and Systems (TOPLAS)
The Essence of Principal Typings
ICALP '02 Proceedings of the 29th International Colloquium on Automata, Languages and Programming
A Type-Based Approach to Program Security
TAPSOFT '97 Proceedings of the 7th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
Compile-Time Detection of Information Flow in Sequential Programs
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Noninterference for Concurrent Programs
ICALP '01 Proceedings of the 28th International Colloquium on Automata, Languages and Programming
A New Type System for Secure Information Flow
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Enforcing security and safety models with an information flow analysis tool
Proceedings of the 2004 annual ACM SIGAda international conference on Ada: The engineering of correct and reliable software for real-time & distributed systems using Ada and related technologies
On flow-sensitive security types
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A logic for information flow in object-oriented programs
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Type inference and informative error reporting for secure information flow
Proceedings of the 44th annual Southeast regional conference
Science of Computer Programming
End-to-End Enforcement of Erasure and Declassification
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Applications of Boolean matrices to the analysis of flow diagrams
IRE-AIEE-ACM '59 (Eastern) Papers presented at the December 1-3, 1959, eastern joint IRE-AIEE-ACM computer conference
Termination-Insensitive Noninterference Leaks More Than Just a Bit
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
ESOP '09 Proceedings of the 18th European Symposium on Programming Languages and Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
International Journal of Information Security
Just forget it: the semantics and enforcement of information erasure
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
Experiences with PDG-Based IFC
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Information flow for Algol-like languages
Computer Languages, Systems and Structures
Hunt and Sands (POPL'06) studied a flow sensitive type (FST) system for multi-level security, parametric in the choice of lattice of security levels. Choosing the powerset of program variables as the security lattice yields a system which was shown to be equivalent to Amtoft and Banerjee's Hoare-style independence logic (SAS'04). Moreover, using the powerset lattice, it was shown how to derive a principal type from which all other types (for all choices of lattice) can be simply derived. Both of these earlier works gave "algorithmic" formulations of the type system/program logic, but both algorithms are of exponential complexity due to the iterative typing of While loops. Later work by Hunt and Sands (ESOP'08) adapted the FST system to provide an erasure type system which determines whether some input is correctly erased at a designated time. This type system is inherently exponential, requiring a double typing of the erasure-labelled input command. In this paper we start by developing the FST work in two key ways: (1) We specialise the FST system to a form which only derives principal types; the resulting type system has a simple algorithmic reading, yielding principal security types in polynomial time. (2) We show how the FST system can be simply extended to check for various degrees of termination sensitivity (the original FST system is completely termination insensitive, while the erasure type system is fully termination sensitive). We go on to demonstrate the power of these techniques by combining them to develop a type system which is shown to correctly implement erasure typing in polynomial time. Principality is used in an essential way to reduce type derivation size from exponential to linear.