Islands: aliasing protection in object-oriented languages
OOPSLA '91 Conference proceedings on Object-oriented programming systems, languages, and applications
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Making the future safe for the past: adding genericity to the Java programming language
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
The Java programming language (2nd ed.)
The Java programming language (2nd ed.)
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow inference for free
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
A sound type system for secure flow analysis
Journal of Computer Security
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Software—Practice & Experience - Special issue on aliasing in object-oriented systems
Representation independence, confinement and access control [extended abstract]
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow inference for ML
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Featherweight Java: a minimal core calculus for Java and GJ
ACM Transactions on Programming Languages and Systems (TOPLAS)
Encapsulating objects with confined types
OOPSLA '01 Proceedings of the 16th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
A Per Model of Secure Information Flow in Sequential Programs
Higher-Order and Symbolic Computation
Capabilities for Sharing: A Generalisation of Uniqueness and Read-Only
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Simple Ownership Types for Object Containment
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Partial Evaluation and Non-inference for Object Calculi
FLOPS '99 Proceedings of the 4th Fuji International Symposium on Functional and Logic Programming
A Type-Based Approach to Program Security
TAPSOFT '97 Proceedings of the 7th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A Generic Approach to the Security of Multi-Threaded Programs
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A New Type System for Secure Information Flow
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Providing flexibility in information flow control for object oriented systems
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Formal aspects of mobile code security
Formal aspects of mobile code security
Information flow inference for ML
ACM Transactions on Programming Languages and Systems (TOPLAS)
Tool-Assisted Specification and Verification of the JavaCard Platform
AMAST '02 Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology
Securing Communication in a Concurrent Language
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Using Replication and Partitioning to Build Secure Distributed Systems
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Statically assuring secrecy for dynamic concurrent processes
Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming
Simple relational correctness proofs for static analyses and program transformations
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
Formally verifying information flow type systems for concurrent and thread systems
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Security policies for downgrading
Proceedings of the 11th ACM conference on Computer and communications security
Downgrading policies and relaxed noninterference
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Stack-based access control and secure information flow
Journal of Functional Programming
Journal of Functional Programming
Data-centric security: role analysis and role typestates
Proceedings of the eleventh ACM symposium on Access control models and technologies
Enforcing robust declassification and qualified robustness
Journal of Computer Security - Special issue on CSFW17
Security types preserving compilation
Computer Languages, Systems and Structures
Improved typings for probabilistic noninterference in a multi-threaded language
Journal of Computer Security
Improving usability of information flow security in java
Proceedings of the 2007 workshop on Programming languages and analysis for security
Reasoning about safety properties in a JVM-like environment
Science of Computer Programming
Run-time principals in information-flow type systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Type-based information flow analysis for bytecode languages with variable object field policies
Proceedings of the 2008 ACM symposium on Applied computing
Secure information flow for a concurrent language with scheduling
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Securing nonintrusive web encryption through information flow
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
On PDG-based noninterference and its modular proof
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Efficient purely-dynamic information flow analysis
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Efficient purely-dynamic information flow analysis
ACM SIGPLAN Notices
Timing Aware Information Flow Security for a JavaCard-like Bytecode
Electronic Notes in Theoretical Computer Science (ENTCS)
Preventing Timing Leaks Through Transactional Branching Instructions
Electronic Notes in Theoretical Computer Science (ENTCS)
Permissive dynamic information flow analysis
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Efficient incremental information flow control with nested control regions
Proceedings of the 1st ACM SIGPLAN international workshop on Programming language and systems technologies for internet clients
Information flow analysis for a typed assembly language with polymorphic stacks
CASSIS'05 Proceedings of the Second international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
A typed assembly language for non-interference
ICTCS'05 Proceedings of the 9th Italian conference on Theoretical Computer Science
A sound analysis for secure information flow using abstract memory graphs
FSEN'09 Proceedings of the Third IPM international conference on Fundamentals of Software Engineering
History-based access control and secure information flow
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
A design for a security-typed language with certificate-based declassification
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Verifying a secure information flow analyzer
TPHOLs'05 Proceedings of the 18th international conference on Theorem Proving in Higher Order Logics
Privacy-sensitive information flow with JML
CADE' 20 Proceedings of the 20th international conference on Automated Deduction
Security-typed languages for implementation of cryptographic protocols: a case study
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Eliminating implicit information leaks by transformational typing and unification
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
A typed assembly language for confidentiality
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Securing the future: an information flow analysis of a distributed OO language
SOFSEM'12 Proceedings of the 38th international conference on Current Trends in Theory and Practice of Computer Science
SAILS: static analysis of information leakage with sample
Proceedings of the 27th Annual ACM Symposium on Applied Computing
A theory of software product line refinement
Theoretical Computer Science
Multiple aggregate entry points for ownership types
ECOOP'12 Proceedings of the 26th European conference on Object-Oriented Programming
Enforcing information flow policies by a three-valued analysis
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Composing polymorphic information flow systems with reference immutability
Proceedings of the 15th Workshop on Formal Techniques for Java-like Programs
Practical information flow for legacy web applications
Proceedings of the 8th Workshop on Implementation, Compilation, Optimization of Object-Oriented Languages, Programs and Systems
Noninterference in a predicative polymorphic calculus for access control
Computer Languages, Systems and Structures
Aliasing in Object-Oriented Programming
| Hi-index | 0.00 |
We consider a sequential object-oriented language with pointers and mutable state, private fields and class-based visibility, dynamic binding and inheritance, recursive classes, casts and type tests, and recursive methods. Programs are annotated with security levels, constrainedby security typing rules. A noninterference theorem shows how the rules ensure pointer confinement and secure information flow.