LFP '92 Proceedings of the 1992 ACM conference on LISP and functional programming
A syntactic approach to type soundness
Information and Computation
Analysis and caching of dependencies
Proceedings of the first ACM SIGPLAN international conference on Functional programming
Objective ML: a simple object-oriented extension of ML
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Type inference with constrained types
Theory and Practice of Object Systems - Special issue on foundations of object-oriented languages
An Axiomatic Approach to Information Flow in Programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Certification of programs for secure information flow
Communications of the ACM
A note on the confinement problem
Communications of the ACM
Cryptography and data security
Cryptography and data security
Building a bridge between pointer aliases and program dependences
Nordic Journal of Computing
Polymorphic Type Inference with Overloading and Subtyping
TAPSOFT '93 Proceedings of the International Joint Conference CAAP/FASE on Theory and Practice of Software Development
A Type-Based Approach to Program Security
TAPSOFT '97 Proceedings of the 7th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
Polymorphic Subtype Inference: Closing the Theory-Practice Gap
TAPSOFT '89 Proceedings of the International Joint Conference on Theory and Practice of Software Development, Volume 2: Advanced Seminar on Foundations of Innovative Software Development II and Colloquium on Current Issues in Programming Languages
Compile-Time Detection of Information Flow in Sequential Programs
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Implicit Typing à la ML for the Join-Calculus
CONCUR '97 Proceedings of the 8th International Conference on Concurrency Theory
SAS '96 Proceedings of the Third International Symposium on Static Analysis
A Toolkit for Constructing Type- and Constraint-Based Program Analyses
TIC '98 Proceedings of the Second International Workshop on Types in Compilation
Mostly-Static Decentralized Information Flow Control
Mostly-Static Decentralized Information Flow Control
Journal of Functional Programming
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Untrusted hosts and confidentiality: secure program partitioning
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
A uniform type structure for secure information flow
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow inference for ML
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Checking security of Java bytecode by abstract interpretation
Proceedings of the 2002 ACM symposium on Applied computing
ACM Transactions on Computer Systems (TOCS)
Noninterference for concurrent programs and thread systems
Theoretical Computer Science
Information flow inference for ML
ACM Transactions on Programming Languages and Systems (TOPLAS)
Abstract interpretation of operational semantics for secure information flow
Information Processing Letters
Secure Information Flow via Linear Continuations
Higher-Order and Symbolic Computation
Secure Information Flow and CPS
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
A Systematic Approach to Static Access Control
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
Boolean Constraints for Binding-Time Analysis
PADO '01 Proceedings of the Second Symposium on Programs as Data Objects
Secrecy Types for Asymmetric Communication
FoSSaCS '01 Proceedings of the 4th International Conference on Foundations of Software Science and Computation Structures
Noninterference for Concurrent Programs
ICALP '01 Proceedings of the 28th International Colloquium on Automata, Languages and Programming,
Secrecy types for asymmetric communication
Theoretical Computer Science - Foundations of software science and computation structures
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Fine-Grained Information Flow Analysis for a \lambda Calculus with Sum Types
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Secure Information Flow and Pointer Confinement in a Java-like Language
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A Simple View of Type-Secure Information Flow in the "-Calculus
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Using Replication and Partitioning to Build Secure Distributed Systems
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
The essence of computation
An approach to secure information flow on Object Oriented Role-based Access Control model
Proceedings of the 2003 ACM symposium on Applied computing
Java bytecode verification for secure information flow
ACM SIGPLAN Notices
Security policies for downgrading
Proceedings of the 11th ACM conference on Computer and communications security
Downgrading policies and relaxed noninterference
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Stack-based access control and secure information flow
Journal of Functional Programming
ACM SIGACT News
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Proceedings of the 2006 workshop on Programming languages and analysis for security
Enforcing robust declassification and qualified robustness
Journal of Computer Security - Special issue on CSFW17
Access control in a core calculus of dependency
Proceedings of the eleventh ACM SIGPLAN international conference on Functional programming
Access Control in a Core Calculus of Dependency
Electronic Notes in Theoretical Computer Science (ENTCS)
An End-To-End Approach to Distributed Policy Language Implementation
Electronic Notes in Theoretical Computer Science (ENTCS)
A uniform type structure for secure information flow
ACM Transactions on Programming Languages and Systems (TOPLAS)
Run-time principals in information-flow type systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Type-based cryptographic operations
Journal of Computer Security - Special issue on CSFW15
SIF: enforcing confidentiality and integrity in web applications
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
A type system for data-flow integrity on windows vista
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
A type system for data-flow integrity on Windows Vista
ACM SIGPLAN Notices
Declassification: Dimensions and principles
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Achieving information flow security through monadic control of effects
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Computer security from a programming language and static analysis perspective
ESOP'03 Proceedings of the 12th European conference on Programming
Automata-based confidentiality monitoring
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Allowing state changes in specifications
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
A privacy enhanced role-based access control model for enterprises
ICCNMC'05 Proceedings of the Third international conference on Networking and Mobile Computing
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Type-Based distributed access control vs. untyped attackers
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
ML dependency analysis for assessors
SEFM'12 Proceedings of the 10th international conference on Software Engineering and Formal Methods
| Hi-index | 0.00 |
This paper shows how to systematically extend an arbitrary type system with dependency information, and how soundness and non-interference proofs for the new system may rely upon, rather than duplicate, the soundness proof of the original system. This allows enriching virtually any of the type systems known today with information flow analysis, while requiring only a minimal proof effort.Our approach is based on an untyped operational semantics for a labelled calculus akin to core ML. Thus, it is simple, and should be applicable to other computing paradigms, such as object or process calculi.The paper also discusses access control, and shows it may be viewed as entirely independent of information flow control. Letting the two mechanisms coexist, without interacting, yields a simple and expressive type system, which allows, in particular, "selective" declassification.