The formal semantics of programming languages: an introduction
The formal semantics of programming languages: an introduction
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
IEEE Transactions on Software Engineering
A semantic approach to secure information flow
Science of Computer Programming - Special issue on mathematics of program construction
Certification of programs for secure information flow
Communications of the ACM
A note on the confinement problem
Communications of the ACM
A uniform type structure for secure information flow
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Communication and Concurrency
Information flow vs. resource access in the asynchronous pi-calculus
ACM Transactions on Programming Languages and Systems (TOPLAS)
Secure Information Flow as Typed Process Behaviour
ESOP '00 Proceedings of the 9th European Symposium on Programming Languages and Systems
Mathematical Models of Computer Security
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Classification of Security Properties (Part I: Information Flow)
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Protection in Programming-Language Translations
ICALP '98 Proceedings of the 25th International Colloquium on Automata, Languages and Programming
FoSSaCS '02 Proceedings of the 5th International Conference on Foundations of Software Science and Computation Structures
Securing Communication in a Concurrent Language
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Confidentiality for Mobile Code: The Case of a Simple Payment Protocol
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Information Flow Analysis in a Discrete-Time Process Algebra
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Possibilistic Definitions of Security - An Assembly Kit
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A Simple View of Type-Secure Information Flow in the "-Calculus
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Information Flow Security in Dynamic Contexts
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A unifying approach to the security of distributed and multi-threaded programs
Journal of Computer Security - Special issue on CSFW14
Noninterference through flow analysis
Journal of Functional Programming
On the secure implementation of security protocols
ESOP'03 Proceedings of the 12th European conference on Programming
Information flow for Algol-like languages
Computer Languages, Systems and Structures
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Decidability and proof systems for language-based noninterference relations
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
State-oriented Noninterference for CCS
Electronic Notes in Theoretical Computer Science (ENTCS)
Secure information flow for a concurrent language with scheduling
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Declassification: Dimensions and principles
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
A comparison of semantic models for noninterference
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
A comparison of semantic models for noninterference
Theoretical Computer Science
Flexible scheduler-independent security
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Generalized abstract non-interference: abstract secure information-flow analysis for automata
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Timing-sensitive information flow analysis for synchronous systems
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Limiting information leakage in event-based communication
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Towards a practical secure concurrent language
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Hi-index | 0.00 |
Language-based and process calculi-based information security are well developed fields of computer security. Although these fields have much in common, it is somewhat surprising that the literature lacks a comprehensive account of a formal link between the two disciplines. This paper develops such a link between a language-based specification of security and a process-algebraic framework for security properties. Encoding imperative programs into a CCS-like process calculus, we show that timing-sensitive security for these programs exactly corresponds to the well understood process-algebraic security property of persistent bisimulation-based nondeducibility on compositions (P_BNDC). This rigorous connection opens up possibilities for cross-fertilization, leading to both flexible policies when specifying the security of heterogeneous systems and to a synergy of techniques for enforcing security specifications.