We present a method based on abstract interpretation for checking secure information flow in programs with dynamic structures, where input and output channels are associated with security levels. In the concrete operational semantics, each value is dynamically annotated with a security level, taking into account both the explicit and the implicit information flows. We define a collecting semantics that associates with each program point the set of concrete states of the machine when that point is reached. The abstract domains are obtained from the concrete ones by keeping the security levels and forgetting the actual values. An element of the abstract domain of states is a table whose rows correspond to the instructions of the program. An abstract operational semantics is defined on the abstract domain, and an efficient implementation is shown that performs a fixpoint iteration similar to that of Java bytecode verification. The approach certifies a larger set of programs than typing-based approaches to checking secure information flow.
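The levels-only table and fixpoint iteration described above can be sketched as follows; this is an added example, not code from the paper. The toy instruction set, the two-level lattice, the channel names and the conservative treatment of implicit flows (the context level raised at a branch is never lowered again) are all assumptions made for illustration.

```python
# Added illustration (not the paper's code): a levels-only abstract interpreter
# for a hypothetical toy instruction set. Values are forgotten, levels are kept.
L, H = 0, 1                                        # two-point lattice, join = max
CHANNEL = {"lo_in": L, "hi_in": H, "lo_out": L}    # constructed channel levels

def step(pc, ins, vars_, env):
    """Abstract transfer function: successor states plus a violation flag."""
    op, vars_, succ, bad = ins[0], dict(vars_), [pc + 1], False
    if op == "in":        # in x chan: x takes the channel level, joined with context
        vars_[ins[1]] = max(CHANNEL[ins[2]], env)
    elif op == "mov":     # mov x y...: explicit flow from operands, implicit from env
        vars_[ins[1]] = max([env] + [vars_.get(v, L) for v in ins[2:]])
    elif op == "out":     # out x chan: written level must not exceed the channel's
        bad = max(vars_.get(ins[1], L), env) > CHANNEL[ins[2]]
    elif op == "if":      # if x target: both successors run in a raised context
        env, succ = max(env, vars_.get(ins[1], L)), [pc + 1, ins[2]]
    elif op == "halt":
        succ = []
    return [(s, vars_, env) for s in succ], bad

def join(a, b):
    """Pointwise least upper bound of two rows (vars, env)."""
    (va, ea), (vb, eb) = a, b
    return ({k: max(va.get(k, L), vb.get(k, L)) for k in va.keys() | vb.keys()}, max(ea, eb))

def analyse(prog):
    """Worklist fixpoint over a table with one row per instruction."""
    table, work, violations = {0: ({}, L)}, [0], set()
    while work:
        pc = work.pop()
        nexts, bad = step(pc, prog[pc], *table[pc])
        if bad:
            violations.add(pc)
        for s, v, e in nexts:
            new = join(table[s], (v, e)) if s in table else (v, e)
            if table.get(s) != new:
                table[s] = new
                work.append(s)
    return sorted(violations)

# Constructed sample programs.
EXPLICIT = [("in", "h", "hi_in"), ("mov", "l", "h"), ("out", "l", "lo_out"), ("halt",)]
IMPLICIT = [("in", "h", "hi_in"), ("mov", "l"), ("if", "h", 4), ("mov", "l"),
            ("out", "l", "lo_out"), ("halt",)]
REUSED = [("in", "x", "hi_in"), ("mov", "x"), ("out", "x", "lo_out"), ("halt",)]
LOOP = [("in", "h", "hi_in"), ("in", "c", "lo_in"), ("mov", "l"), ("out", "l", "lo_out"),
        ("mov", "l", "h"), ("if", "c", 3), ("halt",)]
```

`REUSED` is accepted because the row for each instruction tracks the current level of `x`, whereas a typing that fixes one level per variable would reject it; `LOOP` is only flagged after the back edge is merged into the row for instruction 3, which is why the iteration must run to a fixpoint.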