Using Replication and Partitioning to Build Secure Distributed Systems
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Statically assuring secrecy for dynamic concurrent processes
Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming
A unifying approach to the security of distributed and multi-threaded programs
Journal of Computer Security - Special issue on CSFW14
Abstract non-interference: parameterizing non-interference by abstract interpretation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Dynamic label binding at run-time
Proceedings of the 2003 workshop on New security paradigms
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
On the secure implementation of security protocols
Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Translating dependency into parametricity
Proceedings of the ninth ACM SIGPLAN international conference on Functional programming
OOPSLA '04 Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Formally verifying information flow type systems for concurrent and thread systems
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Enforcing security and safety models with an information flow analysis tool
Proceedings of the 2004 annual ACM SIGAda international conference on Ada: The engineering of correct and reliable software for real-time & distributed systems using Ada and related technologies
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Non-interference for a JVM-like language
TLDI '05 Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation
Downgrading policies and relaxed noninterference
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Policy framings for access control
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
A monadic analysis of information flow security with mutable state
Journal of Functional Programming
Stack-based access control and secure information flow
Journal of Functional Programming
ACM SIGPLAN Notices
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
An approach for realizing privacy-preserving web-based services
WWW '05 Special interest tracks and posters of the 14th international conference on World Wide Web
An agent-based inter-application information flow control model
Journal of Systems and Software - Special issue: Software engineering education and training
Symmetric behavior-based trust: a new paradigm for internet computing
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Verifying information flow goals in security-enhanced Linux
Journal of Computer Security - Special issue on WITS'03
Security policy in a declarative style
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Towards a unifying view on security contracts
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Using dynamic information flow analysis to detect attacks against applications
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
An information flow control model for C applications based on access control lists
Journal of Systems and Software
The taser intrusion recovery system
Proceedings of the twentieth ACM symposium on Operating systems principles
Secrecy despite compromise: types, cryptography, and the pi-calculus
CONCUR 2005 - Concurrency Theory
Maintaining privacy on derived objects
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Decidability and proof systems for language-based noninterference relations
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On flow-sensitive security types
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A logic for information flow in object-oriented programs
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Trusted declassification:: high-level policy for a security-typed language
Proceedings of the 2006 workshop on Programming languages and analysis for security
Refactoring programs to secure information flows
Proceedings of the 2006 workshop on Programming languages and analysis for security
Efficient type inference for secure information flow
Proceedings of the 2006 workshop on Programming languages and analysis for security
An empirical study of the strength of information flows in programs
Proceedings of the 2006 international workshop on Dynamic systems analysis
Abstract non-interference in a fragment of Java bytecode
Proceedings of the 2006 ACM symposium on Applied computing
Information flow in secure contexts
Journal of Computer Security
Enforcing robust declassification and qualified robustness
Journal of Computer Security - Special issue on CSFW17
Efficient path conditions in dependence graphs for software safety analysis
ACM Transactions on Software Engineering and Methodology (TOSEM)
Super-sticky and declassifiable release policies for flexible information dissemination control
Proceedings of the 5th ACM workshop on Privacy in electronic society
P-congruences as non-interference for the pi-calculus
Proceedings of the fourth ACM workshop on Formal methods in security
Secure information flow with random assignment and encryption
Proceedings of the fourth ACM workshop on Formal methods in security
Type inference and informative error reporting for secure information flow
Proceedings of the 44th annual Southeast regional conference
Adaptiveness in well-typed Java bytecode verification
CASCON '06 Proceedings of the 2006 conference of the Center for Advanced Studies on Collaborative research
Science of Computer Programming
Security types preserving compilation
Computer Languages, Systems and Structures
Classification of security properties in a Linda-like process algebra
Science of Computer Programming - Special issue on security issues in coordination models, languages, and systems
Concrete and Abstract Semantics to Check Secure Information Flow in Concurrent Programs
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P 2003)
What You Lose is What You Leak: Information Leakage in Declassification Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
SOS formats and meta-theory: 20 years after
Theoretical Computer Science
Improved typings for probabilistic noninterference in a multi-threaded language
Journal of Computer Security
Information flow security in dynamic contexts
Journal of Computer Security
Observational purity and encapsulation
Theoretical Computer Science
Scrash: a system for generating secure crash information
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Improving usability of information flow security in java
Proceedings of the 2007 workshop on Programming languages and analysis for security
A domain-specific programming language for secure multiparty computation
Proceedings of the 2007 workshop on Programming languages and analysis for security
Localized delimited release: combining the what and where dimensions of information release
Proceedings of the 2007 workshop on Programming languages and analysis for security
Towards a logical account of declassification
Proceedings of the 2007 workshop on Programming languages and analysis for security
Fast probabilistic simulation, nontermination, and secure information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
ABASH: finding bugs in bash scripts
Proceedings of the 2007 workshop on Programming languages and analysis for security
A logical specification and analysis for SELinux MLS policy
Proceedings of the 12th ACM symposium on Access control models and technologies
An End-To-End Approach to Distributed Policy Language Implementation
Electronic Notes in Theoretical Computer Science (ENTCS)
Towards automatic identification of completeness and consistency in digital dossiers
Proceedings of the 11th international conference on Artificial intelligence and law
eBPSM: a new security paradigm for e-business organisations (e-business process security model)
Proceedings of the ninth international conference on Electronic commerce
Instruction-level security analysis for information flow in stack-based assembly languages
Information and Computation
Run-time principals in information-flow type systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Triage: diagnosing production run failures at the user's site
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Secure virtual architecture: a safe execution environment for commodity operating systems
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Monitoring the monitor: an approach towards trustworthiness in service oriented architecture
2nd international workshop on Service oriented software engineering: in conjunction with the 6th ESEC/FSE joint meeting
State-oriented Noninterference for CCS
Electronic Notes in Theoretical Computer Science (ENTCS)
Optimality and condensing of information flow through linear refinement
Theoretical Computer Science
Data dependencies and program slicing: from syntax to abstract semantics
PEPM '08 Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Cryptographically sound implementations for typed information-flow security
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On the computational soundness of cryptographically masked flows
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Virtual Machine Based Information Flow Control System for Policy Enforcement
Electronic Notes in Theoretical Computer Science (ENTCS)
Application-level isolation and recovery with solitude
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
SIF: enforcing confidentiality and integrity in web applications
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Type-based information flow analysis for bytecode languages with variable object field policies
Proceedings of the 2008 ACM symposium on Applied computing
From trusted to secure: building and executing applications that enforce system security
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Preventing information leakage in C applications using RBAC-based model
SEPADS'06 Proceedings of the 5th WSEAS International Conference on Software Engineering, Parallel and Distributed Systems
Access control in mobile ambient calculi: A comparative view
Theoretical Computer Science
Secure slices of insecure programs
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A state coverage tool for JUnit
Companion of the 30th international conference on Software engineering
Compositional information flow security for concurrent programs
Journal of Computer Security
Secure information flow for a concurrent language with scheduling
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Security policy refinement and enforcement for the design of multi-level secure systems
Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
A security domain model to assess software for exploitable covert channels
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Static path conditions for Java
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
A type system for data-flow integrity on windows vista
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Information flow security of multi-threaded distributed programs
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Securing nonintrusive web encryption through information flow
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Lagrange multipliers and maximum information leakage in different observational models
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Integration of a security type system into a program logic
Theoretical Computer Science
Security types for dynamic web data
Theoretical Computer Science
Cryptographically-masked flows
Theoretical Computer Science
ACM Transactions on Information and System Security (TISSEC)
Modular Reasoning in Object-Oriented Programming
Verified Software: Theories, Tools, Experiments
Transforming Abstract Interpretations by Abstract Interpretation
SAS '08 Proceedings of the 15th international symposium on Static Analysis
Securing information flow via dynamic capture of dependencies
Journal of Computer Security - 20th IEEE Computer Security Foundations Symposium (CSF)
Efficient and extensible security enforcement using dynamic data flow analysis
Proceedings of the 15th ACM conference on Computer and communications security
Proceedings of the 15th ACM conference on Computer and communications security
Avoiding information leakage in security-policy-aware planning
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Algorithms and tool support for dynamic information flow analysis
Information and Software Technology
Action Refinement in Process Algebra and Security Issues
Logic-Based Program Synthesis and Transformation
On the Decidability of Model-Checking Information Flow Properties
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Implicit Flows: Can't Live with `Em, Can't Live without `Em
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
The MOBIUS Proof Carrying Code Infrastructure
Formal Methods for Components and Objects
Execution monitoring enforcement for limited-memory systems
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Embedding verifiable information flow analysis
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Static analysis for inference of explicit information flow
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
A type system for data-flow integrity on Windows Vista
ACM SIGPLAN Notices
Mechanized information flow analysis through inductive assertions
Proceedings of the 2008 International Conference on Formal Methods in Computer-Aided Design
Rewrite Based Specification of Access Control Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Towards semantics for provenance security
TAPP'09 First workshop on on Theory and practice of provenance
On temporal path conditions in dependence graphs
Automated Software Engineering
Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection
Transactions on Computational Science IV
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Secure Information Flow as a Safety Property
Formal Aspects in Security and Trust
Information-Theoretic Modeling and Analysis of Interrupt-Related Covert Channels
Formal Aspects in Security and Trust
The Shadow Knows: Refinement and security in sequential programs
Science of Computer Programming
Integrating hardware and software information flow analyses
Proceedings of the 2009 ACM SIGPLAN/SIGBED conference on Languages, compilers, and tools for embedded systems
Laminar: practical fine-grained decentralized information flow control
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Merlin: specification inference for explicit information flow problems
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Encoding information flow in Aura
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Catch me if you can: permissive yet secure error handling
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
A weakest precondition approach to active attacks analysis
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Measuring channel capacity to distinguish undue influence
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Efficient purely-dynamic information flow analysis
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
A language for information flow: dynamic tracking in multiple interdependent dimensions
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
On interdependence of secrets in collaboration networks
Proceedings of the 12th Conference on Theoretical Aspects of Rationality and Knowledge
An overview of programming language based security
Proceedings of the 47th Annual Southeast Regional Conference
Measuring the strength of information flows in programs
ACM Transactions on Software Engineering and Methodology (TOSEM)
An Independence Relation for Sets of Secrets
WoLLIC '09 Proceedings of the 16th International Workshop on Logic, Language, Information and Computation
Automated Analysis of Java Methods for Confidentiality
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
Defending against sensor-sniffing attacks on mobile phones
Proceedings of the 1st ACM workshop on Networking, systems, and applications for mobile handhelds
A Tool for Automated Certification of Java Source Code in Maude
Electronic Notes in Theoretical Computer Science (ENTCS)
A theory of typed coercions and its applications
Proceedings of the 14th ACM SIGPLAN international conference on Functional programming
Flow Policy Awareness for Distributed Mobile Code
CONCUR 2009 Proceedings of the 20th International Conference on Concurrency Theory
Synthesis of Non-Interferent Timed Systems
FORMATS '09 Proceedings of the 7th International Conference on Formal Modeling and Analysis of Timed Systems
Proceedings of the 16th ACM conference on Computer and communications security
Proceedings of the 16th ACM conference on Computer and communications security
The Non-Interference Protection in BML
Electronic Notes in Theoretical Computer Science (ENTCS)
Declassification: Dimensions and principles
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
On declassification and the non-disclosure policy
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Achieving information flow security through monadic control of effects
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Encoding information flow in AURA
ACM SIGPLAN Notices
Efficient purely-dynamic information flow analysis
ACM SIGPLAN Notices
Execution leases: a hardware-supported mechanism for enforcing strong non-interference
Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture
Ownership Downgrading for Ownership Types
APLAS '09 Proceedings of the 7th Asian Symposium on Programming Languages and Systems
CANDID: Dynamic candidate evaluations for automatic prevention of SQL injection attacks
ACM Transactions on Information and System Security (TISSEC)
Verification and synthesis for secrecy in discrete-event systems
ACC'09 Proceedings of the 2009 conference on American Control Conference
Scenarios and Covert Channels: Another Game...
Electronic Notes in Theoretical Computer Science (ENTCS)
Timing Aware Information Flow Security for a JavaCard-like Bytecode
Electronic Notes in Theoretical Computer Science (ENTCS)
Unwinding in Information Flow Security
Electronic Notes in Theoretical Computer Science (ENTCS)
Preventing Timing Leaks Through Transactional Branching Instructions
Electronic Notes in Theoretical Computer Science (ENTCS)
A Hierarchy of SOS Rule Formats
Electronic Notes in Theoretical Computer Science (ENTCS)
Anonymity services for multi-agent systems
Web Intelligence and Agent Systems
Arrows for secure information flow
Theoretical Computer Science
A lattice-based approach to mashup security
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Combining different proof techniques for verifying information flow security
LOPSTR'06 Proceedings of the 16th international conference on Logic-based program synthesis and transformation
Information-flow attacks based on limited observations
PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
Security for multithreaded programs under cooperative scheduling
PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
A certified lightweight non-interference java bytecode verifier
ESOP'07 Proceedings of the 16th European conference on Programming
Controlling the what and where of declassification in language-based security
ESOP'07 Proceedings of the 16th European conference on Programming
An information flow verifier for small embedded systems
WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
Typing one-to-one and one-to-many correspondences in security protocols
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
On the secure implementation of security protocols
ESOP'03 Proceedings of the 12th European conference on Programming
KeY: a formal method for object-oriented systems
FMOODS'07 Proceedings of the 9th IFIP WG 6.1 international conference on Formal methods for open object-based distributed systems
Handling dynamic information release
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Integration of a security type system into a program logic
TGC'06 Proceedings of the 2nd international conference on Trustworthy global computing
Security types for dynamic web data
TGC'06 Proceedings of the 2nd international conference on Trustworthy global computing
Locality-based security policies
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Hiding information in multi level security systems
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Fine-grained sticky provenance architecture for office documents
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Policies and proofs for code auditing
ATVA'07 Proceedings of the 5th international conference on Automated technology for verification and analysis
Information flow testing: the third path towards confidentiality guarantee
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Computationally sound typing for non-interference: the case of deterministic encryption
FSTTCS'07 Proceedings of the 27th international conference on Foundations of software technology and theoretical computer science
Automata-based confidentiality monitoring
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Closing internal timing channels by transformation
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Proving noninterference by a fully complete translation to the simply typed λ-calculus
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Provenance as dependency analysis
DBPL'07 Proceedings of the 11th international conference on Database programming languages
More typed assembly languages for confidentiality
APLAS'07 Proceedings of the 5th Asian conference on Programming languages and systems
TAPIDO: trust and authorization via provenance and integrity in distributed objects
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Adversaries and information leaks (Tutorial)
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Typing termination in a higher-order concurrent imperative language
Information and Computation
Security of multithreaded programs by compilation
ACM Transactions on Information and System Security (TISSEC)
A logical specification and analysis for SELinux MLS policy
ACM Transactions on Information and System Security (TISSEC)
Type-preserving compilation of end-to-end verification of security enforcement
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Information flow analysis of scientific workflows
Journal of Computer and System Sciences
Type-based analysis of PIN processing APIs
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Tracking information flow in dynamic tree structures
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Permissive dynamic information flow analysis
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
A more precise security type system for dynamic security tests
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Restricted delegation and revocation in language-based security: (position paper)
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Secure information flow analysis for hardware design: using the right abstraction for the job
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Workshop on theory and practice of provenance event report
ACM SIGMOD Record
Proceedings of the 19th international symposium on Software testing and analysis
Theoretical analysis of gate level information flow tracking
Proceedings of the 47th Design Automation Conference
Adjoining classified and unclassified information by abstract interpretation
Journal of Computer Security
Proceedings of the 3rd international conference on Security of information and networks
Deductive verification of cryptographic software
Innovations in Systems and Software Engineering
Information theory and security: quantitative information flow
SFM'10 Proceedings of the Formal methods for quantitative aspects of programming languages, and 10th international conference on School on formal methods for the design of computer, communication and software systems
Trustworthy information: concepts and mechanisms
WAIM'10 Proceedings of the 11th international conference on Web-age information management
Session types for access and information flow control
CONCUR'10 Proceedings of the 21st international conference on Concurrency theory
Flexible scheduler-independent security
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
FIRM: capability-based inline mediation of Flash behaviors
Proceedings of the 26th Annual Computer Security Applications Conference
Taxonomy and classification of automatic monitoring of program security vulnerability exploitations
Journal of Systems and Software
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
AuraConf: a unified approach to authorization and confidentiality
Proceedings of the 7th ACM SIGPLAN workshop on Types in language design and implementation
Information flow enforcement in monadic libraries
Proceedings of the 7th ACM SIGPLAN workshop on Types in language design and implementation
Abstract certification of global non-interference in rewriting logic
FMCO'09 Proceedings of the 8th international conference on Formal methods for components and objects
Unifying facets of information integrity
ICISS'10 Proceedings of the 6th international conference on Information systems security
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Policy-based attestation of service behavior for establishing rigorous trust
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Cross-application data provenance and policy enforcement
ACM Transactions on Information and System Security (TISSEC)
Privacy enforcement and analysis for functional active objects
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
Information flow analysis via path condition refinement
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Tightlip: keeping applications from spilling the beans
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Engineering secure future internet services
The future internet
A security-aware refactoring tool for Java programs
Proceedings of the 4th Workshop on Refactoring Tools
A weakest precondition approach to robustness
Transactions on computational science X
Transactions on computational science XI
Transactions on computational science XI
Compiling information-flow security to minimal trusted computing bases
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
Caisson: a hardware description language for secure information flow
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
EnerJ: approximate data types for safe and general low-power computation
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
kb-anonymity: a model for anonymized behaviour-preserving test and debugging data
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Proceedings of the 38th annual international symposium on Computer architecture
Secure data preservers forweb services
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
An accurate type system for information flow in presence of arrays
FMOODS'11/FORTE'11 Proceedings of the joint 13th IFIP WG 6.1 and 30th IFIP WG 6.1 international conference on Formal techniques for distributed systems
ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Flexible dynamic information flow control in Haskell
Proceedings of the 4th ACM symposium on Haskell
Implicit self-adjusting computation for purely functional programs
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
Magic-sets for localised analysis of Java bytecode
Higher-Order and Symbolic Computation
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Automated information flow analysis of virtualized infrastructures
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Automatically optimizing secure computation
Proceedings of the 18th ACM conference on Computer and communications security
Emerson: accessible scripting for applications in an extensible virtual world
Proceedings of the 10th SIGPLAN symposium on New ideas, new paradigms, and reflections on programming and software
Opacity analysis in trust management systems
ISC'11 Proceedings of the 14th international conference on Information security
A multi-compositional enforcement on information flow security
ICICS'11 Proceedings of the 13th international conference on Information and communications security
On Using B in the Design of Secure Micro-controllers: An Experience Report
Electronic Notes in Theoretical Computer Science (ENTCS)
From security protocols to systems security
Proceedings of the 11th international conference on Security Protocols
Creating objects in the flexible authorization framework
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Cryptographically-Masked flows
SAS'06 Proceedings of the 13th international conference on Static Analysis
Provably correct runtime enforcement of non-interference properties
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Allowing state changes in specifications
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Field access analysis for enforcing access control policies
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Certifying native java card API by formal refinement
CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Preserving secrecy under refinement
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
λ-RBAC: programming with role-based access control
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Using labeling to prevent cross-service attacks against smart phones
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Abstract dependences for alarm diagnosis
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
On the rôle of abstract non-interference in language-based security
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
Information flow analysis for a typed assembly language with polymorphic stacks
CASSIS'05 Proceedings of the Second international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
A typed assembly language for non-interference
ICTCS'05 Proceedings of the 9th Italian conference on Theoretical Computer Science
Timed abstract non-interference
FORMATS'05 Proceedings of the Third international conference on Formal Modeling and Analysis of Timed Systems
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Multiple facets for dynamic information flow
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verifying abstract information flow properties in fault tolerant security devices
ICFEM'06 Proceedings of the 8th international conference on Formal Methods and Software Engineering
A social-intelligence-inspired security integrated model for network information flow
ICIC'06 Proceedings of the 2006 international conference on Intelligent Computing - Volume Part I
Information flow security for interactive systems
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
Higher-order program verification and language-based security
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
Noninterference with dynamic security domains and policies
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
A sound analysis for secure information flow using abstract memory graphs
FSEN'09 Proceedings of the Third IPM international conference on Fundamentals of Software Engineering
Specification and verification of side channel declassification
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
History-based access control and secure information flow
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Information flow analysis for java bytecode
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Non-disclosure for distributed mobile code
FSTTCS '05 Proceedings of the 25th international conference on Foundations of Software Technology and Theoretical Computer Science
Observational purity and encapsulation
FASE'05 Proceedings of the 8th international conference, held as part of the joint European Conference on Theory and Practice of Software conference on Fundamental Approaches to Software Engineering
Formal methods for smartcard security
Foundations of Security Analysis and Design III
Non-disclosure for distributed mobile code
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Non-termination and secure information flow
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Secure information flow by self-composition
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Modelling declassification policies using abstract domain completeness
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Provenance as dependency analysis
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Programming with explicit security policies
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
A design for a security-typed language with certificate-based declassification
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Adjoining declassification and attack models by abstract interpretation
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Finding covert channels in protocols with message sequence charts: the case of RMTP2
SAM'04 Proceedings of the 4th international SDL and MSC conference on System Analysis and Modeling
Unwinding conditions for security in imperative languages
LOPSTR'04 Proceedings of the 14th international conference on Logic Based Program Synthesis and Transformation
Verifying a secure information flow analyzer
TPHOLs'05 Proceedings of the 18th international conference on Theorem Proving in Higher Order Logics
Information flow analysis for VHDL
PaCT'05 Proceedings of the 8th international conference on Parallel Computing Technologies
A type system for computationally secure information flow
FCT'05 Proceedings of the 15th international conference on Fundamentals of Computation Theory
Privacy-sensitive information flow with JML
CADE' 20 Proceedings of the 20th international conference on Automated Deduction
Bridging language-based and process calculi security
FOSSACS'05 Proceedings of the 8th international conference on Foundations of Software Science and Computation Structures
History-based access control with local policies
FOSSACS'05 Proceedings of the 8th international conference on Foundations of Software Science and Computation Structures
A theorem proving approach to analysis of secure information flow
SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
Higher-order abstract non-interference
TLCA'05 Proceedings of the 7th international conference on Typed Lambda Calculi and Applications
Generalized abstract non-interference: abstract secure information-flow analysis for automata
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Security-typed languages for implementation of cryptographic protocols: a case study
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
The PER model of abstract non-interference
SAS'05 Proceedings of the 12th international conference on Static Analysis
Secure information flow as a safety problem
SAS'05 Proceedings of the 12th international conference on Static Analysis
Information flow is linear refinement of constancy
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
Admissible interference by typing for cryptographic protocols
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
Bridging the gap between inter-communication boundary and internal trusted components
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Discretionary capability confinement
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Timing-sensitive information flow analysis for synchronous systems
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
From coupling relations to mated invariants for checking information flow
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Policy-driven memory protection for reconfigurable hardware
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Privacy injector — automated privacy enforcement through aspects
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Differential privacy with information flow control
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Limiting information leakage in event-based communication
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Capabilities for information flow
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Epistemic temporal logic for information flow security
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
The shadow knows: refinement of ignorance in sequential programs
MPC'06 Proceedings of the 8th international conference on Mathematics of Program Construction
From dynamic to static and back: riding the roller coaster of information-flow control research
PSI'09 Proceedings of the 7th international Andrei Ershov Memorial conference on Perspectives of Systems Informatics
Experiences with PDG-Based IFC
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
A semantic framework for declassification and endorsement
ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
Computing the leakage of information-hiding systems
TACAS'10 Proceedings of the 16th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Can we support applications' evolution in multi-application smart cards by security-by-contract?
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Eliminating implicit information leaks by transformational typing and unification
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Type-Based distributed access control vs. untyped attackers
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
A typed assembly language for confidentiality
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Flow locks: towards a core calculus for dynamic flow policies
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Information flow control to secure dynamic web service composition
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Decentralized delimited release
APLAS'11 Proceedings of the 9th Asian conference on Programming Languages and Systems
Runtime enforcement of information flow security in tree manipulating processes
ESSoS'12 Proceedings of the 4th international conference on Engineering Secure Software and Systems
G2C: cryptographic protocols from goal-driven specifications
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
State coverage: software validation metrics beyond code coverage
SOFSEM'12 Proceedings of the 38th international conference on Current Trends in Theory and Practice of Computer Science
SAILS: static analysis of information leakage with sample
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Language-based control and mitigation of timing channels
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Type-directed automatic incrementalization
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Towards incrementalization of holistic hyperproperties
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Network Security
Typing illegal information flows as program effects
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Security correctness for secure nested transactions: position paper
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Towards a taint mode for cloud computing web applications
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Implementing erasure policies using taint analysis
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
A taint mode for python via a library
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Secure multi-execution in haskell
PSI'11 Proceedings of the 8th international conference on Perspectives of System Informatics
JCSI: A tool for checking secure information flow in Java Card applications
Journal of Systems and Software
User-aware privacy control via extended static-information-flow analysis
Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
Scheduler-specific confidentiality for multi-threaded programs and its logic-based verification
FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
Verification of information flow properties of java programs without approximations
FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
Better security and privacy for web browsers: a survey of techniques, and a new implementation
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
On-the-Fly inlining of dynamic dependency monitors for secure information flow
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Noninterference via symbolic execution
FMOODS'12/FORTE'12 Proceedings of the 14th joint IFIP WG 6.1 international conference and Proceedings of the 32nd IFIP WG 6.1 international conference on Formal Techniques for Distributed Systems
Secure multi-execution through static program transformation
FMOODS'12/FORTE'12 Proceedings of the 14th joint IFIP WG 6.1 international conference and Proceedings of the 32nd IFIP WG 6.1 international conference on Formal Techniques for Distributed Systems
Concrete and Abstract Semantics to Check Secure Information Flow in Concurrent Programs
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P 2003)
Linear dependent types in a call-by-value scenario
Proceedings of the 14th symposium on Principles and practice of declarative programming
A software-hardware architecture for self-protecting data
Proceedings of the 2012 ACM conference on Computer and communications security
Proceedings of the 2012 ACM conference on Computer and communications security
FlowFox: a web browser with flexible and precise information flow control
Proceedings of the 2012 ACM conference on Computer and communications security
Precise enforcement of progress-sensitive security
Proceedings of the 2012 ACM conference on Computer and communications security
Auditing cloud management using information flow tracking
Proceedings of the seventh ACM workshop on Scalable trusted computing
Symbolic quantitative information flow
ACM SIGSOFT Software Engineering Notes
Towards a practical secure concurrent language
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Magic-sets transformation for the analysis of java bytecode
SAS'07 Proceedings of the 14th international conference on Static Analysis
Pre-execution security policy assessment of remotely defined BPEL-based grid processes
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Security of multithreaded programs by compilation
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Dynamic information flow control architecture for web applications
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
A low-overhead, value-tracking approach to information flow security
SEFM'12 Proceedings of the 10th international conference on Software Engineering and Formal Methods
An approach for network information flow analysis for systems of embedded components
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Automatic information flow analysis of business process models
BPM'12 Proceedings of the 10th international conference on Business Process Management
Runtime verification: the application perspective
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
Dynamic information-flow analysis for multi-threaded applications
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
Information flow in systems with schedulers, Part I: Definitions
Theoretical Computer Science
Security type error diagnosis for higher-order, polymorphic languages
PEPM '13 Proceedings of the ACM SIGPLAN 2013 workshop on Partial evaluation and program manipulation
Taint analysis of security code in the KLEE symbolic execution engine
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Proving concurrent noninterference
CPP'12 Proceedings of the Second international conference on Certified Programs and Proofs
Quantitative analysis of information flow using theorem proving
ICFEM'12 Proceedings of the 14th international conference on Formal Engineering Methods: formal methods and software engineering
The confinement problem in the presence of faults
ICFEM'12 Proceedings of the 14th international conference on Formal Engineering Methods: formal methods and software engineering
Towards fully automatic placement of security sanitizers and declassifiers
POPL '13 Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Detecting control flow in smarphones: combining static and dynamic analyses
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
ANDROMEDA: accurate and scalable security analysis of web applications
FASE'13 Proceedings of the 16th international conference on Fundamental Approaches to Software Engineering
Type-Based complexity analysis for fork processes
FOSSACS'13 Proceedings of the 16th international conference on Foundations of Software Science and Computation Structures
Aspectizing JavaScript security
Proceedings of the 3rd workshop on Modularity in systems software
Verifying information flow properties of hybrid systems
Proceedings of the 2nd ACM international conference on High confidence networked systems
An information flow control meta-model
Proceedings of the 18th ACM symposium on Access control models and technologies
Knowledge inference for optimizing secure multi-party computation
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Type-based dependency analysis for javascript
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Faceted execution of policy-agnostic programs
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Security completeness: towards noninterference in composed languages
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Position paper: Sapper -- a language for provable hardware policy enforcement
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
GlassTube: a lightweight approach to web application integrity
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Fine-grained disclosure control for app ecosystems
Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
Formal verification of side-channel countermeasures using self-composition
Science of Computer Programming
An information-flow type-system for mixed protocol secure computation
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Toward principled browser security
HotOS'13 Proceedings of the 14th USENIX conference on Hot Topics in Operating Systems
Testing noninterference, quickly
Proceedings of the 18th ACM SIGPLAN international conference on Functional programming
Analyzing and defending against web-based malware
ACM Computing Surveys (CSUR)
Proceedings of the 15th Symposium on Principles and Practice of Declarative Programming
MrCrypt: static analysis for secure cloud computations
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
Tool-supported dataflow analysis of a security-critical embedded device
AISC '12 Proceedings of the Tenth Australasian Information Security Conference - Volume 125
AUTOCRYPT: enabling homomorphic computation on servers to protect sensitive web content
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
The shape of things to run: compiling complex stream graphs to reconfigurable hardware in lime
ECOOP'13 Proceedings of the 27th European conference on Object-Oriented Programming
QUAIL: a quantitative security analyzer for imperative code
CAV'13 Proceedings of the 25th international conference on Computer Aided Verification
Noninterference in a predicative polymorphic calculus for access control
Computer Languages, Systems and Structures
Sleuth: automated verification of software power analysis countermeasures
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
CacheAudit: a tool for the static analysis of cache side channels
SEC'13 Proceedings of the 22nd USENIX conference on Security
A verified information-flow architecture
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Probabilistic relational verification for cryptographic implementations
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
NetKAT: semantic foundations for networks
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Sapper: a language for hardware-level security policy enforcement
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
Security Signature Inference for JavaScript-based Browser Addons
Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization
Information flow tracking meets just-in-time compilation
ACM Transactions on Architecture and Code Optimization (TACO)
Analyzing program dependencies for malware detection
Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014
On quantitative dynamic data flow tracking
Proceedings of the 4th ACM conference on Data and application security and privacy
Generating profile-based signatures for online intrusion and failure detection
Information and Software Technology
Efficient static checker for tainted variable attacks
Science of Computer Programming
Proceedings of the 23rd international conference on World wide web
Journal of Computer Security - CSF 2010
Information flow in trust management systems
Journal of Computer Security - CSF 2010
Effective verification of confidentiality for multi-threaded programs
Journal of Computer Security - Foundational Aspects of Security
| Hi-index | 0.08 |
Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attacker's observations of system output; this policy regulates information flow. Conventional security mechanisms such as access control and encryption do not directly address the enforcement of information-flow policies. Previously, a promising new approach has been developed: the use of programming-language techniques for specifying and enforcing information-flow policies. In this paper, we survey the past three decades of research on information-flow security, particularly focusing on work that uses static program analysis to enforce information-flow policies. We give a structured view of work in the area and identify some important open challenges.