Synchronization with eventcounts and sequencers
Communications of the ACM
A model for verification of data security in operating systems
Communications of the ACM
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Security Kernel validation in practice
Communications of the ACM
Monitors: an operating system structuring concept
Communications of the ACM
A note on the confinement problem
Communications of the ACM
An axiomatic basis for computer programming
Communications of the ACM
Certifying information flow properties of programs: an axiomatic approach
POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
A comment on the confinement problem
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
The enforcement of security policies for computation
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Information transmission in computational systems
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
Potential Capabilities in Algol-Like Programs
Potential Capabilities in Algol-Like Programs
Information flow in parallel programs: an axiomatic approach.
Information flow in parallel programs: an axiomatic approach.
The semantics of information flow.
The semantics of information flow.
Information-flow and data-flow analysis of while-programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
A practical approach to semantic configuration management
TAV3 Proceedings of the ACM SIGSOFT '89 third symposium on Software testing, analysis, and verification
On the Identification of Covert Storage Channels in Secure Systems
IEEE Transactions on Software Engineering
A Model for Multilevel Security in Computer Networks
IEEE Transactions on Software Engineering
Approximate Reasoning About the Semantic Effects of Program Changes
IEEE Transactions on Software Engineering
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Exception-based information flow control in object-oriented systems
ACM Transactions on Information and System Security (TISSEC)
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow inference for free
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
Formal Models for Computer Security
ACM Computing Surveys (CSUR)
ACM Computing Surveys (CSUR)
Parallel programs: proofs, principles, and practice
Communications of the ACM
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Checking security of Java bytecode by abstract interpretation
Proceedings of the 2002 ACM symposium on Applied computing
Information flow vs. resource access in the asynchronous pi-calculus
ACM Transactions on Programming Languages and Systems (TOPLAS)
Detection of information leak by data flow analysis
ACM SIGPLAN Notices
Abstract interpretation of operational semantics for secure information flow
Information Processing Letters
A Per Model of Secure Information Flow in Sequential Programs
Higher-Order and Symbolic Computation
A Per Model of Secure Information Flow in Sequential Programs
ESOP '99 Proceedings of the 8th European Symposium on Programming Languages and Systems
Information Flow vs. Resource Access in the Asynchronous Pi-Calculus
ICALP '00 Proceedings of the 27th International Colloquium on Automata, Languages and Programming
VMCAI '02 Revised Papers from the Third International Workshop on Verification, Model Checking, and Abstract Interpretation
The Impact of Synchronisation on Secure Information Flow in Concurrent Programs
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
A mechanism for information control in parallel systems
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
Fundamenta Informaticae - Concurrency specification and programming
Journal of Computer Security - IFIP 2000
Java bytecode verification for secure information flow
ACM SIGPLAN Notices
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
A process-algebraic approach for the analysis of probabilistic noninterference
Journal of Computer Security
Software—Practice & Experience
On flow-sensitive security types
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Science of Computer Programming
Type systems equivalent to data-flow analyses for imperative languages
Theoretical Computer Science - Applied semantics
Concrete and Abstract Semantics to Check Secure Information Flow in Concurrent Programs
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P 2003)
Instruction-level security analysis for information flow in stack-based assembly languages
Information and Computation
Security Information Flow in Multidimensional Arrays
IEEE Transactions on Computers
Integration of a security type system into a program logic
Theoretical Computer Science
Static analysis for inference of explicit information flow
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
On declassification and the non-disclosure policy
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Scenarios and Covert Channels: Another Game...
Electronic Notes in Theoretical Computer Science (ENTCS)
Integration of a security type system into a program logic
TGC'06 Proceedings of the 2nd international conference on Trustworthy global computing
Hiding information in multi level security systems
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
From exponential to polynomial-time security typing via principal types
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
Provably correct runtime enforcement of non-interference properties
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
A calculus of trustworthy ad hoc networks
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Secure information flow by self-composition
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Finding covert channels in protocols with message sequence charts: the case of RMTP2
SAM'04 Proceedings of the 4th international SDL and MSC conference on System Analysis and Modeling
Concrete and Abstract Semantics to Check Secure Information Flow in Concurrent Programs
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P 2003)
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P'2002), Part 1
| Hi-index | 0.02 |
A new approach to information flow in sequential and parallel programs is presented. Flow proof rules that capture the information flow semantics of a variety of statements are given and used to construct program flow proofs. The method is illustrated by examples. The applications of flow proofs to certifying information flow policies and to solving the confinement problem are considered. It is also shown that flow rules and correctness rules can be combined to form an even more powerful proof system.