In this paper we propose a methodology for the specification and verification of information flow properties for sequential Java programs. The proposal also covers declassification. We define an extension of the Java Modeling Language (JML) that goes significantly beyond previous approaches. The JML specification clauses are translated into proof obligations in Dynamic Logic. An experimental implementation within the KeY system shows the feasibility of the approach.