The program dependence graph and its use in optimization
ACM Transactions on Programming Languages and Systems (TOPLAS)
Efficient implementation of lattice operations
ACM Transactions on Programming Languages and Systems (TOPLAS)
Interprocedural slicing using dependence graphs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
A Space-and-Time-Efficient Coding Algorithm for Lattice Computations
IEEE Transactions on Knowledge and Data Engineering
The PACAP Prototype: A Tool for Detecting Java Card Illegal Flow
JavaCard '00 Revised Papers from the First International Workshop on Java on Smart Cards: Programming and Security
On flow-sensitive security types
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A logic for information flow in object-oriented programs
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Improving usability of information flow security in java
Proceedings of the 2007 workshop on Programming languages and analysis for security
Empirical study of optimization techniques for massive slicing
ACM Transactions on Programming Languages and Systems (TOPLAS)
Static path conditions for Java
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
A non-null annotation inferencer for Java bytecode
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Declassification: Dimensions and principles
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
International Journal of Information Security
A certified lightweight non-interference java bytecode verifier
ESOP'07 Proceedings of the 16th European conference on Programming
Information flow analysis for java bytecode
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Security-typed languages for implementation of cryptographic protocols: a case study
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
An architecture-centric approach to detecting security patterns in software
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Information flow analysis via path condition refinement
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
From exponential to polynomial-time security typing via principal types
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
| Hi-index | 0.00 |
Information flow control systems provide the guarantees that are required in today's security-relevant systems. While the literature has produced a wealth of techniques to ensure a given security policy, there is only a small number of implementations, and even these are mostly restricted to theoretical languages or a subset of an existing language. Previously, we presented the theoretical foundations and algorithms for dependence-graph-based information flow control (IFC). As a complement, this paper presents the implementation and evaluation of our new approach, the first implementation of a dependence-graph based analysis that accepts full Java bytecode. It shows that the security policy can be annotated in a succinct manner; and the evaluation shows that the increased runtime of our analysis—a result of being flow-, context-, and object-sensitive—is mitigated by better analysis results and elevated practicability. Finally, we show that the scalability of our analysis is not limited by the sheer size of either the security lattice or the dependence graph that represents the program.