Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Probabilistic noninterference in a concurrent language
Journal of Computer Security
A sound type system for secure flow analysis
Journal of Computer Security
Certification of programs for secure information flow
Communications of the ACM
Noninterference for concurrent programs and thread systems
Theoretical Computer Science
The Impact of Synchronisation on Secure Information Flow in Concurrent Programs
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A New Type System for Secure Information Flow
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Non-interference for a JVM-like language
TLDI '05 Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation
Deriving an Information Flow Checker and Certifying Compiler for Java
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
A Temporal Logic Characterisation of Oservational Determinism
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Securing Interaction between Threads and the Scheduler
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Security types preserving compilation
Computer Languages, Systems and Structures
A Library for Secure Multi-threaded Information Flow in Haskell
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Security for multithreaded programs under cooperative scheduling
PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
A certified lightweight non-interference java bytecode verifier
ESOP'07 Proceedings of the 16th European conference on Programming
Closing internal timing channels by transformation
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
A typed assembly language for non-interference
ICTCS'05 Proceedings of the 9th Italian conference on Theoretical Computer Science
Information flow analysis for java bytecode
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Eliminating implicit information leaks by transformational typing and unification
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Type-based information flow analysis for bytecode languages with variable object field policies
Proceedings of the 2008 ACM symposium on Applied computing
Static path conditions for Java
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
More typed assembly languages for confidentiality
APLAS'07 Proceedings of the 5th Asian conference on Programming languages and systems
Security of multithreaded programs by compilation
ACM Transactions on Information and System Security (TISSEC)
Flexible scheduler-independent security
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Addressing covert termination and timing channels in concurrent information flow systems
Proceedings of the 17th ACM SIGPLAN international conference on Functional programming
Scheduler-Independent declassification
MPC'12 Proceedings of the 11th international conference on Mathematics of Program Construction
Hi-index | 0.00 |
Information security is a pressing challenge for mobile code technologies. In order to claim end-to-end security of mobile code, it is necessary to establish that the code neither intentionally nor accidentally propagates sensitive information to an adversary. Although mobile code is commonly multithreaded low-level code, the literature is lacking enforcement mechanisms that ensure information security for such programs. This paper offers a modular solution to the security of multithreaded programs. The modularity is three-fold: we give modular extensions of sequential semantics, sequential security typing, and sequential security-type preserving compilation that allow us enforcing security for multithreaded programs. Thanks to the modularity, there are no more restrictions on multithreaded source programs than on sequential ones, and yet we guarantee that their compilations are provably secure for a wide class of schedulers.