Projections for strictness analysis
Proc. of a conference on Functional programming languages and computer architecture
Two-level semantics and abstract interpretation
Theoretical Computer Science
A probabilistic powerdomain of evaluations
Proceedings of the Fourth Annual Symposium on Logic in computer science
FPCA '89 Proceedings of the fourth international conference on Functional programming languages and computer architecture
Binding time analysis: a new PERspective
PEPM '91 Proceedings of the 1991 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Semantic foundations of binding-time analysis for imperative programs
PEPM '95 Proceedings of the 1995 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A semantic approach to secure information flow
Science of Computer Programming - Special issue on mathematics of program construction
Probabilistic noninterference in a concurrent language
Journal of Computer Security
A sound type system for secure flow analysis
Journal of Computer Security
An Axiomatic Approach to Information Flow in Programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
A Semantic Model of Binding Times for Safe Partial Evaluation
PLILPS '95 Proceedings of the 7th International Symposium on Programming Languages: Implementations, Logics and Programs
TAPSOFT '95 Proceedings of the 6th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
Compile-Time Detection of Information Flow in Sequential Programs
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
A Semantic Approach to Secure Information Flow
MPC '98 Proceedings of the Mathematics of Program Construction
Eliminating Covert Flows with Minimum Typings
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Information transmission in computational systems
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
Journal of Functional Programming
Detection of information leak by data flow analysis
ACM SIGPLAN Notices
Secure Information Flow via Linear Continuations
Higher-Order and Symbolic Computation
The Impact of Synchronisation on Secure Information Flow in Concurrent Programs
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Securing Communication in a Concurrent Language
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Secure Information Flow and Pointer Confinement in a Java-like Language
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A Generic Approach to the Security of Multi-Threaded Programs
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A unifying approach to the security of distributed and multi-threaded programs
Journal of Computer Security - Special issue on CSFW14
Simple relational correctness proofs for static analyses and program transformations
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Abstract non-interference: parameterizing non-interference by abstract interpretation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On the secure implementation of security protocols
Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
Translating dependency into parametricity
Proceedings of the ninth ACM SIGPLAN international conference on Functional programming
Formally verifying information flow type systems for concurrent and thread systems
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Stack-based access control and secure information flow
Journal of Functional Programming
Decidability and proof systems for language-based noninterference relations
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On flow-sensitive security types
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Enforcing robust declassification and qualified robustness
Journal of Computer Security - Special issue on CSFW17
Semantics of an effect analysis for exceptions
TLDI '07 Proceedings of the 2007 ACM SIGPLAN international workshop on Types in languages design and implementation
Science of Computer Programming
What You Lose is What You Leak: Information Leakage in Declassification Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Localized delimited release: combining the what and where dimensions of information release
Proceedings of the 2007 workshop on Programming languages and analysis for security
Run-time principals in information-flow type systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Optimality and condensing of information flow through linear refinement
Theoretical Computer Science
Compositional information flow security for concurrent programs
Journal of Computer Security
Secure information flow for a concurrent language with scheduling
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Formal certification of code-based cryptographic proofs
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On the Decidability of Model-Checking Information Flow Properties
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Formal Certification of ElGamal Encryption
Formal Aspects in Security and Trust
The Shadow Knows: Refinement and security in sequential programs
Science of Computer Programming
On PDG-based noninterference and its modular proof
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
The Secret Art of Computer Programming
ICTAC '09 Proceedings of the 6th International Colloquium on Theoretical Aspects of Computing
Declassification: Dimensions and principles
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Security, Probability and Nearly Fair Coins in the Cryptographers' Café
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Sums and Lovers: Case Studies in Security, Compositionality and Refinement
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Paralocks: role-based information flow control and beyond
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On the secure implementation of security protocols
ESOP'03 Proceedings of the 12th European conference on Programming
Automata-based confidentiality monitoring
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Deriving bisimulations by simplifying partitions
VMCAI'08 Proceedings of the 9th international conference on Verification, model checking, and abstract interpretation
Just forget it: the semantics and enforcement of information erasure
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Adjoining classified and unclassified information by abstract interpretation
Journal of Computer Security
Model-checking trace-based information flow properties
Journal of Computer Security
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
On the rôle of abstract non-interference in language-based security
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
Timed abstract non-interference
FORMATS'05 Proceedings of the Third international conference on Formal Modeling and Analysis of Timed Systems
Information flow analysis for java bytecode
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Modelling declassification policies using abstract domain completeness
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Adjoining declassification and attack models by abstract interpretation
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Unwinding conditions for security in imperative languages
LOPSTR'04 Proceedings of the 14th international conference on Logic Based Program Synthesis and Transformation
A theorem proving approach to analysis of secure information flow
SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
Generalized abstract non-interference: abstract secure information-flow analysis for automata
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
The PER model of abstract non-interference
SAS'05 Proceedings of the 12th international conference on Static Analysis
Information flow is linear refinement of constancy
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
Timing-sensitive information flow analysis for synchronous systems
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
From coupling relations to mated invariants for checking information flow
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
The shadow knows: refinement of ignorance in sequential programs
MPC'06 Proceedings of the 8th international conference on Mathematics of Program Construction
Reading, writing and relations: towards extensional semantics for effect analyses
APLAS'06 Proceedings of the 4th Asian conference on Programming Languages and Systems
A semantic hierarchy for erasure policies
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
A Kantorovich-Monadic Powerdomain for Information Hiding, with Probability and Nondeterminism
LICS '12 Proceedings of the 2012 27th Annual IEEE/ACM Symposium on Logic in Computer Science
Enforcing information flow policies by a three-valued analysis
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Abstraction and invariance for algebraically indexed types
POPL '13 Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Hi-index | 0.00 |
This paper proposes an extensional semantics-based formal specification of secure information-flow properties in sequential programs based on representing degrees of security by partial equivalence relations (pers). The specification clarifies and unifies a number of specific correctness arguments in the literature and connections to other forms of program analysis. The approach is inspired by (and in the deterministic case equivalent to) the use of partial equivalence relations in specifying binding-time analysis, and is thus able to specify security properties of higher-order functions and “partially confidential data”. We also show how the per approach can handle nondeterminism for a first-order language, by using powerdomain semantics and show how probabilistic security properties can be formalised by using probabilistic powerdomain semantics. We illustrate the usefulness of the compositional nature of the security specifications by presenting a straightforward correctness proof for a simple type-based security analysis.