A lattice model of secure information flow
Communications of the ACM
Why and Where: A Characterization of Data Provenance
ICDT '01 Proceedings of the 8th International Conference on Database Theory
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
An Experimental Comparison of Min-Cut/Max-Flow Algorithms for Energy Minimization in Vision
IEEE Transactions on Pattern Analysis and Machine Intelligence
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Minos: Control Data Attack Prevention Orthogonal to Memory Model
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
TaintTrace: Efficient Flow Tracing with Dynamic Binary Rewriting
ISCC '06 Proceedings of the 11th IEEE Symposium on Computers and Communications
Practical taint-based protection using demand emulation
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Valgrind: a framework for heavyweight dynamic binary instrumentation
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Understanding data lifetime via whole system simulation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Dytan: a generic dynamic taint analysis framework
Proceedings of the 2007 international symposium on Software testing and analysis
Information flow control for standard OS abstractions
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Panorama: capturing system-wide information flow for malware detection and analysis
Proceedings of the 14th ACM conference on Computer and communications security
Manageable fine-grained information flow
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
On the Limits of Information Flow Techniques for Malware Analysis and Containment
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Vigilante: End-to-end containment of Internet worm epidemics
ACM Transactions on Computer Systems (TOCS)
Pointless tainting?: evaluating the practicality of pointer tainting
Proceedings of the 4th ACM European conference on Computer systems
Ponder2: A Policy System for Autonomous Pervasive Environments
ICAS '09 Proceedings of the 2009 Fifth International Conference on Autonomic and Autonomous Systems
State-Based Usage Control Enforcement with Data Flow Tracking using System Call Interposition
NSS '09 Proceedings of the 2009 Third International Conference on Network and System Security
Cross-application data provenance and policy enforcement
ACM Transactions on Information and System Security (TISSEC)
Modeling data flow in socio-information networks: a risk estimation approach
Proceedings of the 16th ACM symposium on Access control models and technologies
A Trustworthy Usage Control Enforcement Framework
ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
Representation-Independent data usage control
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
IEEE Transactions on Information Theory
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
We present a non-probabilistic model for dynamic quantitative data flow tracking. Estimations of the amount of data stored in a particular representation at runtime - a file, a window, a network packet - enable the adoption of fine-grained policies which authorize or prohibit partial leaks of data. We prove the correctness of the estimations, provide an implementation that we evaluate w.r.t. precision and performance, and analyze one instantiation at the OS level.