Fine-grained mobility in the Emerald system
ACM Transactions on Computer Systems (TOCS)
Multilevel security in the UNIX tradition
Software—Practice & Experience
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
From system F to typed assembly language
ACM Transactions on Programming Languages and Systems (TOPLAS)
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verifying secrets and relative secrecy
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow inference for free
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
ACM Transactions on Information and System Security (TISSEC)
A sound type system for secure flow analysis
Journal of Computer Security
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Security Kernel validation in practice
Communications of the ACM
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Java Virtual Machine Specification
Java Virtual Machine Specification
SAS '95 Proceedings of the Second International Symposium on Static Analysis
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Secure Program Partitioning
A Generic Approach to the Security of Multi-Threaded Programs
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A New Type System for Secure Information Flow
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A Logical Approach to Multilevel Security of Probabilistic Systems
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Absorbing covers and intransitive non-interference
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
SSH: secure login connections over the internet
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
ACM Transactions on Computer Systems (TOCS)
Securing Communication in a Concurrent Language
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Bug isolation via remote program sampling
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
HPDC '02 Proceedings of the 11th IEEE International Symposium on High Performance Distributed Computing
Model-carrying code: a practical approach for safe execution of untrusted applications
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
A unifying approach to the security of distributed and multi-threaded programs
Journal of Computer Security - Special issue on CSFW14
Embedding role-based access control model in object-oriented systems to protect privacy
Journal of Systems and Software
Security policies for downgrading
Proceedings of the 11th ACM conference on Computer and communications security
Providing flexible access control to an information flow control model
Journal of Systems and Software
ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
Secured Information Flow for Asynchronous Sequential Processes
Electronic Notes in Theoretical Computer Science (ENTCS)
Performance aware secure code partitioning
Proceedings of the conference on Design, automation and test in Europe
Access control models and security labelling
ACSC '07 Proceedings of the thirtieth Australasian conference on Computer science - Volume 62
Using hypervisor to provide data secrecy for user applications on a per-page basis
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Securing distributed systems with information flow control
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Wedge: splitting applications into reduced-privilege compartments
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Ripley: automatically securing web 2.0 applications through replicated execution
Proceedings of the 16th ACM conference on Computer and communications security
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Introducing reference flow control for detecting intrusion symptoms at the OS level
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Polyglot: an extensible compiler framework for Java
CC'03 Proceedings of the 12th international conference on Compiler construction
Program partitioning using dynamic trust models
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Cooperative bug isolation: winning thesis of the 2005 ACM doctoral dissertation competition
Cooperative bug isolation: winning thesis of the 2005 ACM doctoral dissertation competition
Automating configuration troubleshooting with dynamic information flow analysis
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Tightlip: keeping applications from spilling the beans
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
A weakest precondition approach to robustness
Transactions on computational science X
Automatically optimizing secure computation
Proceedings of the 18th ACM conference on Computer and communications security
Security-typed languages for implementation of cryptographic protocols: a case study
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
The HybrEx model for confidentiality and privacy in cloud computing
HotCloud'11 Proceedings of the 3rd USENIX conference on Hot topics in cloud computing
Secure multi-execution in haskell
PSI'11 Proceedings of the 8th international conference on Perspectives of System Informatics
Dynamic information flow control architecture for web applications
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Knowledge inference for optimizing secure multi-party computation
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Hi-index | 0.00 |
This paper presents secure program partitioning, a language-based technique for protecting confidential data during computation in distributed systems containing mutually untrusted hosts. Confidentiality and integrity policies can be expressed by annotating programs with security types that constrain information flow; these programs can then be partitioned automatically to run securely on heterogeneously trusted hosts. The resulting communicating subprograms collectively implement the original program, yet the system as a whole satisfies the security requirements of participating principals without requiring a universally trusted host machine. The experience in applying this methodology and the performance of the resulting distributed code suggest that this is a promising way to obtain secure distributed computation.