A lattice model of secure information flow
Communications of the ACM
Security Kernel validation in practice
Communications of the ACM
Exception handling: issues and a proposed notation
Communications of the ACM
A note on the confinement problem
Communications of the ACM
Communications of the ACM
Compiler Construction for Digital Computers
Compiler Construction for Digital Computers
On protection in operating systems
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
A comment on the confinement problem
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
The enforcement of security policies for computation
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Structured specification of a Security Kernel
Proceedings of the international conference on Reliable software
Proceedings of a symposium on Compiler optimization
Potential Capabilities in Algol-Like Programs
Potential Capabilities in Algol-Like Programs
COOPERATION OF MUTUALLY SUSPICIOUS SUBSYSTEMS IN A COMPUTER UTILITY
COOPERATION OF MUTUALLY SUSPICIOUS SUBSYSTEMS IN A COMPUTER UTILITY
Protection in programmed systems.
Protection in programmed systems.
Cops--a protection mechanism for computer systems.
Cops--a protection mechanism for computer systems.
Secure information flow in computer systems.
Secure information flow in computer systems.
Computation: finite and infinite machines
Computation: finite and infinite machines
Information-flow and data-flow analysis of while-programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
PELAS-Program Error-Locating Assistant System
IEEE Transactions on Software Engineering
A practical approach to semantic configuration management
TAV3 Proceedings of the ACM SIGSOFT '89 third symposium on Software testing, analysis, and verification
The implications of program dependencies for software testing, debugging, and maintenance
TAV3 Proceedings of the ACM SIGSOFT '89 third symposium on Software testing, analysis, and verification
On the Identification of Covert Storage Channels in Secure Systems
IEEE Transactions on Software Engineering
Data Dependency Graphs for Ada Programs
IEEE Transactions on Software Engineering
IEEE Transactions on Software Engineering
Approximate Reasoning About the Semantic Effects of Program Changes
IEEE Transactions on Software Engineering
An Analysis of Test Data Selection Criteria Using the RELAY Model of Fault Detection
IEEE Transactions on Software Engineering
On slicing programs with jump statements
PLDI '94 Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation
Semantic foundations of binding-time analysis for imperative programs
PEPM '95 Proceedings of the 1995 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Static detection of security flaws in object-oriented databases
SIGMOD '96 Proceedings of the 1996 ACM SIGMOD international conference on Management of data
On the systematic design of Web languages
ACM Computing Surveys (CSUR)
Programming languages for mobile code
ACM Computing Surveys (CSUR)
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Security properties of typed applets
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proof linking: an architecture for modular verification of dynamically-linked mobile code
SIGSOFT '98/FSE-6 Proceedings of the 6th ACM SIGSOFT international symposium on Foundations of software engineering
Trust and partial typing in open systems of mobile agents
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow inference for free
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
ACM Computing Surveys (CSUR)
Formal Models for Computer Security
ACM Computing Surveys (CSUR)
ACM Computing Surveys (CSUR)
An Axiomatic Approach to Information Flow in Programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Security verification of programs with stack inspection
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Security properties of typed applets
Secure Internet programming
An efficient security verification method for programs with stack inspection
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Untrusted hosts and confidentiality: secure program partitioning
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
A uniform type structure for secure information flow
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Securing PC applications: the relay race approach
Communications of the ACM - Supporting community and building social capital
Checking security of Java bytecode by abstract interpretation
Proceedings of the 2002 ACM symposium on Applied computing
Verification caching: towards efficient and secure mobile code execution environments
Proceedings of the 2002 ACM symposium on Applied computing
ACM Transactions on Computer Systems (TOCS)
Certifying information flow properties of programs: an axiomatic approach
POPL '79 Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Information flow vs. resource access in the asynchronous pi-calculus
ACM Transactions on Programming Languages and Systems (TOPLAS)
Detection of information leak by data flow analysis
ACM SIGPLAN Notices
Abstract interpretation of operational semantics for secure information flow
Information Processing Letters
A Per Model of Secure Information Flow in Sequential Programs
Higher-Order and Symbolic Computation
Secure Information Flow via Linear Continuations
Higher-Order and Symbolic Computation
Flow logic for Dolev-Yao secrecy in cryptographic processes
Future Generation Computer Systems - Parallel computing technologies (PaCT-2001)
A Per Model of Secure Information Flow in Sequential Programs
ESOP '99 Proceedings of the 8th European Symposium on Programming Languages and Systems
Secure Information Flow as Typed Process Behaviour
ESOP '00 Proceedings of the 9th European Symposium on Programming Languages and Systems
Semantics and Program Analysis of Computationally Secure Information Flow
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
Secure Information Flow and CPS
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
Static Analysis for Secrecy and Non-interference in Networks of Processes
PaCT '01 Proceedings of the 6th International Conference on Parallel Computing Technologies
Providing Fine-grained Access Control for Java Programs
ECOOP '99 Proceedings of the 13th European Conference on Object-Oriented Programming
Information Flow vs. Resource Access in the Asynchronous Pi-Calculus
ICALP '00 Proceedings of the 27th International Colloquium on Automata, Languages and Programming
ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
VMCAI '02 Revised Papers from the Third International Workshop on Verification, Model Checking, and Abstract Interpretation
FoSSaCS '02 Proceedings of the 5th International Conference on Foundations of Software Science and Computation Structures
The Impact of Synchronisation on Secure Information Flow in Concurrent Programs
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Securing Communication in a Concurrent Language
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Security Typings by Abstract Interpretation
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Language Issues in Mobile Program Security
Mobile Agents and Security
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Fine-Grained Information Flow Analysis for a \lambda Calculus with Sum Types
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Secure Information Flow and Pointer Confinement in a Java-like Language
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Resource management in a distributed system
SIGCOMM '83 Proceedings of the eighth symposium on Data communications
ICSE '81 Proceedings of the 5th international conference on Software engineering
Possibility theory: As a means for modeling computer security and protection
MVL '78 Proceedings of the eighth international symposium on Multiple-valued logic
A mechanism for information control in parallel systems
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
Design and verification of secure systems
SOSP '81 Proceedings of the eighth ACM symposium on Operating systems principles
Using Replication and Partitioning to Build Secure Distributed Systems
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A Generic Approach to the Security of Multi-Threaded Programs
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A New Type System for Secure Information Flow
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Fundamenta Informaticae - Concurrency specification and programming
Journal of Computer Security - IFIP 2000
Statically assuring secrecy for dynamic concurrent processes
Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming
Design and Implementation of a Fine-Grained Software Inspection Tool
IEEE Transactions on Software Engineering
An approach to secure information flow on Object Oriented Role-based Access Control model
Proceedings of the 2003 ACM symposium on Applied computing
A protection scheme for collaborative environments
Proceedings of the 2003 ACM symposium on Applied computing
A unifying approach to the security of distributed and multi-threaded programs
Journal of Computer Security - Special issue on CSFW14
Channel dependent types for higher-order mobile processes
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Abstract non-interference: parameterizing non-interference by abstract interpretation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Java bytecode verification for secure information flow
ACM SIGPLAN Notices
Journal of Functional Programming
Protecting network users in mobile code systems
Journal of Parallel and Distributed Computing
A Mobile Computational model for Internet programming
ACM-SE 42 Proceedings of the 42nd annual Southeast regional conference
Dynamic label binding at run-time
Proceedings of the 2003 workshop on New security paradigms
Embedding role-based access control model in object-oriented systems to protect privacy
Journal of Systems and Software
Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
A note on information flow into arrays
ACM SIGSOFT Software Engineering Notes
Embellishments to the note on information flow into arrays
ACM SIGSOFT Software Engineering Notes
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Providing flexible access control to an information flow control model
Journal of Systems and Software
A brief survey of program slicing
ACM SIGSOFT Software Engineering Notes
Stack-based access control and secure information flow
Journal of Functional Programming
Noninterference through flow analysis
Journal of Functional Programming
Static approximation of dynamically generated Web pages
WWW '05 Proceedings of the 14th international conference on World Wide Web
Proceedings of the 27th international conference on Software engineering
An agent-based inter-application information flow control model
Journal of Systems and Software - Special issue: Software engineering education and training
Using dynamic information flow analysis to detect attacks against applications
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
An information flow control model for C applications based on access control lists
Journal of Systems and Software
Software—Practice & Experience
Labels and event processes in the asbestos operating system
Proceedings of the twentieth ACM symposium on Operating systems principles
Decidability and proof systems for language-based noninterference relations
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On flow-sensitive security types
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A logic for information flow in object-oriented programs
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Efficient type inference for secure information flow
Proceedings of the 2006 workshop on Programming languages and analysis for security
An empirical study of the strength of information flows in programs
Proceedings of the 2006 international workshop on Dynamic systems analysis
Managing role relationships in an information flow control model
Journal of Systems and Software
Enforcing robust declassification and qualified robustness
Journal of Computer Security - Special issue on CSFW17
Compositional type systems for stack-based low-level languages
CATS '06 Proceedings of the 12th Computing: The Australasian Theroy Symposium - Volume 51
Efficient software model checking of data structure properties
Proceedings of the 21st annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Efficient path conditions in dependence graphs for software safety analysis
ACM Transactions on Software Engineering and Methodology (TOSEM)
Secure information flow with random assignment and encryption
Proceedings of the fourth ACM workshop on Formal methods in security
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Science of Computer Programming
Type systems equivalent to data-flow analyses for imperative languages
Theoretical Computer Science - Applied semantics
Concrete and Abstract Semantics to Check Secure Information Flow in Concurrent Programs
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P 2003)
Improved typings for probabilistic noninterference in a multi-threaded language
Journal of Computer Security
Raksha: a flexible information flow architecture for software security
Proceedings of the 34th annual international symposium on Computer architecture
A domain-specific programming language for secure multiparty computation
Proceedings of the 2007 workshop on Programming languages and analysis for security
Fast probabilistic simulation, nontermination, and secure information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
ABASH: finding bugs in bash scripts
Proceedings of the 2007 workshop on Programming languages and analysis for security
Performance aware secure code partitioning
Proceedings of the conference on Design, automation and test in Europe
Which security policy for multiplication smart cards?
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
An Empirical Study of Test Case Filtering Techniques Based on Exercising Information Flows
IEEE Transactions on Software Engineering
An End-To-End Approach to Distributed Policy Language Implementation
Electronic Notes in Theoretical Computer Science (ENTCS)
Detecting Cognitive Causes of Confidentiality Leaks
Electronic Notes in Theoretical Computer Science (ENTCS)
Instruction-level security analysis for information flow in stack-based assembly languages
Information and Computation
A uniform type structure for secure information flow
ACM Transactions on Programming Languages and Systems (TOPLAS)
Secure web applications via automatic partitioning
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Type-based cryptographic operations
Journal of Computer Security - Special issue on CSFW15
Security Information Flow in Multidimensional Arrays
IEEE Transactions on Computers
Labels and event processes in the Asbestos operating system
ACM Transactions on Computer Systems (TOCS)
Optimality and condensing of information flow through linear refinement
Theoretical Computer Science
A Virtual Machine Based Information Flow Control System for Policy Enforcement
Electronic Notes in Theoretical Computer Science (ENTCS)
SIF: enforcing confidentiality and integrity in web applications
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Secure slices of insecure programs
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Compositional information flow security for concurrent programs
Journal of Computer Security
A security domain model to assess software for exploitable covert channels
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
A type system for data-flow integrity on windows vista
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Dominator-tree analysis for distributed authorization
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Information flow security of multi-threaded distributed programs
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Securing nonintrusive web encryption through information flow
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Cryptographically-masked flows
Theoretical Computer Science
A library for light-weight information-flow security in haskell
Proceedings of the first ACM SIGPLAN symposium on Haskell
On the Limits of Information Flow Techniques for Malware Analysis and Containment
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Effective blame for information-flow violations
Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering
Termination-Insensitive Noninterference Leaks More Than Just a Bit
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Towards the development of privacy-aware systems
Information and Software Technology
Algorithms and tool support for dynamic information flow analysis
Information and Software Technology
A security policy for a profile-oriented operating system
AFIPS '81 Proceedings of the May 4-7, 1981, national computer conference
Embedding verifiable information flow analysis
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Complete information flow tracking from the gates up
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Static analysis for inference of explicit information flow
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
A type system for data-flow integrity on Windows Vista
ACM SIGPLAN Notices
Mechanized information flow analysis through inductive assertions
Proceedings of the 2008 International Conference on Formal Methods in Computer-Aided Design
Pointless tainting?: evaluating the practicality of pointer tainting
Proceedings of the 4th ACM European conference on Computer systems
Remote Attestation of Attribute Updates and Information Flows in a UCON System
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
ESOP '09 Proceedings of the 18th European Symposium on Programming Languages and Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Secure Information Flow as a Safety Property
Formal Aspects in Security and Trust
Information-Theoretic Modeling and Analysis of Interrupt-Related Covert Channels
Formal Aspects in Security and Trust
Laminar: practical fine-grained decentralized information flow control
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
TAJ: effective taint analysis of web applications
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Catch me if you can: permissive yet secure error handling
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Efficient purely-dynamic information flow analysis
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
A language for information flow: dynamic tracking in multiple interdependent dimensions
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Measuring the strength of information flows in programs
ACM Transactions on Software Engineering and Methodology (TOSEM)
A Tool for Automated Certification of Java Source Code in Maude
Electronic Notes in Theoretical Computer Science (ENTCS)
Fabric: a platform for secure distributed computation and storage
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Achieving information flow security through monadic control of effects
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Efficient purely-dynamic information flow analysis
ACM SIGPLAN Notices
Verifying Information Flow Control over Unbounded Processes
FM '09 Proceedings of the 2nd World Congress on Formal Methods
User-input dependence analysis via graph reachability
User-input dependence analysis via graph reachability
Policy-based intrusion detection in web applications by monitoring Java information flows
International Journal of Information and Computer Security
Neon: system support for derived data management
Proceedings of the 6th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
A lattice-based approach to mashup security
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Combining different proof techniques for verifying information flow security
LOPSTR'06 Proceedings of the 16th international conference on Logic-based program synthesis and transformation
Security for multithreaded programs under cooperative scheduling
PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
An information flow verifier for small embedded systems
WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
Handling encryption in an analysis for secure information flow
ESOP'03 Proceedings of the 12th European conference on Programming
Multi-layer audit of access rights
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Computationally sound typing for non-interference: the case of deterministic encryption
FSTTCS'07 Proceedings of the 27th international conference on Foundations of software technology and theoretical computer science
Closing internal timing channels by transformation
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Proving noninterference by a fully complete translation to the simply typed λ-calculus
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Adversaries and information leaks (Tutorial)
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Security of multithreaded programs by compilation
ACM Transactions on Information and System Security (TISSEC)
Tracking information flow in dynamic tree structures
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Permissive dynamic information flow analysis
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
A more precise security type system for dynamic security tests
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Secure information flow analysis for hardware design: using the right abstraction for the job
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Strict control dependence and its effect on dynamic information flow analyses
Proceedings of the 19th international symposium on Software testing and analysis
An empirical investigation into open source web applications' implementation vulnerabilities
Empirical Software Engineering
Adjoining classified and unclassified information by abstract interpretation
Journal of Computer Security
Pointer tainting still pointless: (but we all see the point of tainting)
ACM SIGOPS Operating Systems Review
An alternative characterization of weak order dependence
Information Processing Letters
Proceedings of the 3rd international conference on Security of information and networks
Protecting confidential data on personal computers with storage capsules
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Deductive verification of cryptographic software
Innovations in Systems and Software Engineering
Trail of bytes: efficient support for forensic analysis
Proceedings of the 17th ACM conference on Computer and communications security
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Abstract certification of global non-interference in rewriting logic
FMCO'09 Proceedings of the 8th international conference on Formal methods for components and objects
Unifying facets of information integrity
ICISS'10 Proceedings of the 6th international conference on Information systems security
Model-checking trace-based information flow properties
Journal of Computer Security
Transactions on computational science XI
A theory of noninterference for the π-calculus
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
From exponential to polynomial-time security typing via principal types
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
Caisson: a hardware description language for secure information flow
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Proceedings of the 38th annual international symposium on Computer architecture
Automating information flow control in component-based distributed systems
Proceedings of the 14th international ACM Sigsoft symposium on Component based software engineering
Integrating business process modelling and ERP role engineering
International Journal of Business Information Systems
Saving the world wide web from vulnerable JavaScript
Proceedings of the 2011 International Symposium on Software Testing and Analysis
Practical elimination of external interaction vulnerabilities in web applications
Journal of Web Engineering
An accurate type system for information flow in presence of arrays
FMOODS'11/FORTE'11 Proceedings of the joint 13th IFIP WG 6.1 and 30th IFIP WG 6.1 international conference on Formal techniques for distributed systems
Towards practical avoidance of information leakage in enterprise networks
HotSec'11 Proceedings of the 6th USENIX conference on Hot topics in security
Flexible dynamic information flow control in Haskell
Proceedings of the 4th ACM symposium on Haskell
RoleCast: finding missing security checks when you do not know what checks are
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
A unifying theory of control dependence and its application to arbitrary program structures
Theoretical Computer Science
Creating objects in the flexible authorization framework
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Cryptographically-Masked flows
SAS'06 Proceedings of the 13th international conference on Static Analysis
Parametric and termination-sensitive control dependence
SAS'06 Proceedings of the 13th international conference on Static Analysis
Provably correct runtime enforcement of non-interference properties
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Efficient incremental information flow control with nested control regions
Proceedings of the 1st ACM SIGPLAN international workshop on Programming language and systems technologies for internet clients
Allowing state changes in specifications
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
On the rôle of abstract non-interference in language-based security
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
Information flow analysis for a typed assembly language with polymorphic stacks
CASSIS'05 Proceedings of the Second international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
A typed assembly language for non-interference
ICTCS'05 Proceedings of the 9th Italian conference on Theoretical Computer Science
Timed abstract non-interference
FORMATS'05 Proceedings of the Third international conference on Formal Modeling and Analysis of Timed Systems
Noninterference with dynamic security domains and policies
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
Secure information flow for distributed systems
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
History-based access control and secure information flow
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
A privacy enhanced role-based access control model for enterprises
ICCNMC'05 Proceedings of the Third international conference on Networking and Mobile Computing
Non-termination and secure information flow
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Secure information flow by self-composition
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Adjoining declassification and attack models by abstract interpretation
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
A type system for reachability and acyclicity
ECOOP'05 Proceedings of the 19th European conference on Object-Oriented Programming
Secure requirements elicitation through triggered message sequence charts
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
A type system for computationally secure information flow
FCT'05 Proceedings of the 15th international conference on Fundamentals of Computation Theory
Bridging language-based and process calculi security
FOSSACS'05 Proceedings of the 8th international conference on Foundations of Software Science and Computation Structures
A theorem proving approach to analysis of secure information flow
SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
Generalized abstract non-interference: abstract secure information-flow analysis for automata
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Security-typed languages for implementation of cryptographic protocols: a case study
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
The PER model of abstract non-interference
SAS'05 Proceedings of the 12th international conference on Static Analysis
Limiting information leakage in event-based communication
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Capabilities for information flow
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
From dynamic to static and back: riding the roller coaster of information-flow control research
PSI'09 Proceedings of the 7th international Andrei Ershov Memorial conference on Perspectives of Systems Informatics
Flow based interpretation of access control: detection of illegal information flows
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Type-Based distributed access control vs. untyped attackers
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Flow locks: towards a core calculus for dynamic flow policies
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Decentralized delimited release
APLAS'11 Proceedings of the 9th Asian conference on Programming Languages and Systems
Minemu: the world's fastest taint tracker
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Runtime enforcement of information flow security in tree manipulating processes
ESSoS'12 Proceedings of the 4th international conference on Engineering Secure Software and Systems
A Denotational Semantics for the π-Calculus
IW-FM'01 Proceedings of the 5th Irish conference on Formal Methods
A framework for static detection of privacy leaks in android applications
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Parallel developments in programming languages and operating systems
Computer Languages
Towards a taint mode for cloud computing web applications
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Automated detection of client-state manipulation vulnerabilities
Proceedings of the 34th International Conference on Software Engineering
Implementing erasure policies using taint analysis
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
A taint mode for python via a library
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
JCSI: A tool for checking secure information flow in Java Card applications
Journal of Systems and Software
User-aware privacy control via extended static-information-flow analysis
Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
Secure programming via visibly pushdown safety games
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
Addressing covert termination and timing channels in concurrent information flow systems
Proceedings of the 17th ACM SIGPLAN international conference on Functional programming
Concrete and Abstract Semantics to Check Secure Information Flow in Concurrent Programs
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P 2003)
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P'2002), Part 1
Security of multithreaded programs by compilation
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Enforcing information flow policies by a three-valued analysis
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Automatic information flow analysis of business process models
BPM'12 Proceedings of the 10th international conference on Business Process Management
Information flow in systems with schedulers, Part I: Definitions
Theoretical Computer Science
Detecting control flow in smarphones: combining static and dynamic analyses
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
ANDROMEDA: accurate and scalable security analysis of web applications
FASE'13 Proceedings of the 16th international conference on Fundamental Approaches to Software Engineering
Type-based dependency analysis for javascript
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Faceted execution of policy-agnostic programs
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Position paper: Sapper -- a language for provable hardware policy enforcement
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Formal verification of side-channel countermeasures using self-composition
Science of Computer Programming
An information-flow type-system for mixed protocol secure computation
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones
Communications of the ACM
Data flow analysis of embedded program expressions
AISC '12 Proceedings of the Tenth Australasian Information Security Conference - Volume 125
Compositional type systems for stack-based low-level languages
CATS '06 Proceedings of the Twelfth Computing: The Australasian Theory Symposium - Volume 51
Sapper: a language for hardware-level security policy enforcement
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
Information flow tracking meets just-in-time compilation
ACM Transactions on Architecture and Code Optimization (TACO)
Efficient static checker for tainted variable attacks
Science of Computer Programming
Journal of Computer Security - CSF 2010
Hi-index | 48.25 |
ertification mechanism for verifying the secure flow of information through a program. Because it exploits the properties of a lattice structure among security classes, the procedure is sufficiently simple that it can easily be included in the analysis phase of most existing compilers. Appropriate semantics are presented and proved correct. An important application is the confinement problem: The mechanism can prove that a program cannot cause supposedly nonconfidential results to depend on confidential input data.