A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The Tree-to-Tree Correction Problem
Journal of the ACM (JACM)
A sound type system for secure flow analysis
Journal of Computer Security
A lattice model of secure information flow
Communications of the ACM
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Checking security of Java bytecode by abstract interpretation
Proceedings of the 2002 ACM symposium on Applied computing
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Security Typings by Abstract Interpretation
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Normalizable Horn Clauses, Strongly Recognizable Relations, and Spi
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Towards an Automatic Analysis of Security Protocols in First-Order Logic
CADE-16 Proceedings of the 16th International Conference on Automated Deduction: Automated Deduction
Abstract non-interference: parameterizing non-interference by abstract interpretation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Specifying access control policies for XML documents with XPath
Proceedings of the ninth ACM symposium on Access control models and technologies
Secure Information Flow by Self-Composition
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
XML access control using static analysis
ACM Transactions on Information and System Security (TISSEC)
CADE-22 Proceedings of the 22nd International Conference on Automated Deduction
International Journal of Information Security
Paralocks: role-based information flow control and beyond
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Tracking information flow in dynamic tree structures
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
XML graphs in program analysis
Science of Computer Programming
Verification of Information Flow and Access Control Policies with Dependent Types
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Relational verification using product programs
FM'11 Proceedings of the 17th international conference on Formal methods
RTED: a robust algorithm for the tree edit distance
Proceedings of the VLDB Endowment
Privacy-sensitive information flow with JML
CADE' 20 Proceedings of the 20th international conference on Automated Deduction
A theorem proving approach to analysis of secure information flow
SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
Secure information flow as a safety problem
SAS'05 Proceedings of the 12th international conference on Static Analysis
From coupling relations to mated invariants for checking information flow
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Runtime enforcement of information flow security in tree manipulating processes
ESSoS'12 Proceedings of the 4th international conference on Engineering Secure Software and Systems
Automatic information flow analysis of business process models
BPM'12 Proceedings of the 10th international conference on Business Process Management
Hi-index | 0.00 |
Information flow properties of programs can be formalized as hyperproperties specifying the relation of multiple executions. In this paper, we therefore introduce a framework for proving 2-hypersafety properties by means of abstract interpretation. The main idea is to apply abstract interpretation on the self-compositions of the control flow graphs of programs. As a result, our method is inherently capable of analyzing relational properties of even dissimilar programs. Constructing self-compositions of control flow graphs is nontrivial. Therefore, we present an algorithm for constructing quality self-compositions driven by a tree distance measure between the abstract syntax trees of subprograms. Finally, we demonstrate the applicability of the approach by proving intricate information flow properties of programs written in a simple language for tree manipulation motivated by the Web Services Business Process Execution Language.