In this paper, we study the relationship between two models of secure information flow: the PER model (which uses equivalence relations) and the abstract non-interference model (which uses upper closure operators). We embed the lattice of equivalence relations into the lattice of closures, re-interpreting abstract non-interference over the lattice of equivalence relations. For narrow abstract non-interference, we show that the new definition is equivalent to the original, whereas for abstract non-interference it is strictly less general. The relational presentation of abstract non-interference leads to a simplified construction of the most concrete harmless attacker. Moreover, the PER model of abstract non-interference allows us to derive unconstrained attacker models, which do not necessarily either observe all public information or ignore all private information. Finally, we show how abstract domain completeness can be used for enforcing the PER model of abstract non-interference.