Precise Analysis of Memory Consumption using Program Logics
SEFM '05 Proceedings of the Third IEEE International Conference on Software Engineering and Formal Methods
Proceedings of the 2006 workshop on Programming languages and analysis for security
Science of Computer Programming
Algorithmic Verification of Noninterference Properties
Electronic Notes in Theoretical Computer Science (ENTCS)
Observational purity and encapsulation
Theoretical Computer Science
A simulation-based proof technique for dynamic information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
Towards a logical account of declassification
Proceedings of the 2007 workshop on Programming languages and analysis for security
Verification condition generation for conditional information flow
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Compositional information flow security for concurrent programs
Journal of Computer Security
Secure information flow for a concurrent language with scheduling
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Integration of a security type system into a program logic
Theoretical Computer Science
Modular Reasoning in Object-Oriented Programming
Verified Software: Theories, Tools, Experiments
CoVaC: Compiler Validation by Program Analysis of the Cross-Product
FM '08 Proceedings of the 15th international symposium on Formal Methods
Specification and Checking of Software Contracts for Conditional Information Flow
FM '08 Proceedings of the 15th international symposium on Formal Methods
Embedding verifiable information flow analysis
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Secure Information Flow as a Safety Property
Formal Aspects in Security and Trust
Efficient purely-dynamic information flow analysis
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
The Non-Interference Protection in BML
Electronic Notes in Theoretical Computer Science (ENTCS)
Declassification: Dimensions and principles
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Efficient purely-dynamic information flow analysis
ACM SIGPLAN Notices
Verifying Cryptographic Software Correctness with Respect to Reference Implementations
FMICS '09 Proceedings of the 14th International Workshop on Formal Methods for Industrial Critical Systems
Preventing Timing Leaks Through Transactional Branching Instructions
Electronic Notes in Theoretical Computer Science (ENTCS)
Combining different proof techniques for verifying information flow security
LOPSTR'06 Proceedings of the 16th international conference on Logic-based program synthesis and transformation
An information flow verifier for small embedded systems
WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
Integration of a security type system into a program logic
TGC'06 Proceedings of the 2nd international conference on Trustworthy global computing
Verification of equivalent-results methods
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Verification of object-oriented software: The KeY approach
Verification of object-oriented software: The KeY approach
Restricted delegation and revocation in language-based security: (position paper)
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Deductive verification of cryptographic software
Innovations in Systems and Software Engineering
Information theory and security: quantitative information flow
SFM'10 Proceedings of the Formal methods for quantitative aspects of programming languages, and 10th international conference on School on formal methods for the design of computer, communication and software systems
Flexible scheduler-independent security
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
On bounding problems of quantitative information flow
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Quantifying information leaks in software
Proceedings of the 26th Annual Computer Security Applications Conference
Abstract certification of global non-interference in rewriting logic
FMCO'09 Proceedings of the 8th international conference on Formal methods for components and objects
Unifying facets of information integrity
ICISS'10 Proceedings of the 6th international conference on Information systems security
Relational verification using product programs
FM'11 Proceedings of the 17th international conference on Formal methods
Computer-aided security proofs for the working cryptographer
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
ITP'11 Proceedings of the Second international conference on Interactive theorem proving
A multi-compositional enforcement on information flow security
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Provably correct runtime enforcement of non-interference properties
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Preserving secrecy under refinement
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Applied quantitative information flow and statistical databases
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Specification and verification of side channel declassification
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Formal methods for smartcard security
Foundations of Security Analysis and Design III
Secure information flow by self-composition
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Unwinding conditions for security in imperative languages
LOPSTR'04 Proceedings of the 14th international conference on Logic Based Program Synthesis and Transformation
Privacy-sensitive information flow with JML
CADE' 20 Proceedings of the 20th international conference on Automated Deduction
A theorem proving approach to analysis of secure information flow
SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
A probabilistic property-specific approach to information flow
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Secure information flow as a safety problem
SAS'05 Proceedings of the 12th international conference on Static Analysis
Timing-sensitive information flow analysis for synchronous systems
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
From coupling relations to mated invariants for checking information flow
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
Proof obligations preserving compilation
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Model-checking secure information flow for multi-threaded programs
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Verifying location-based services with declassification enforcement
APWeb'12 Proceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications
Towards incrementalization of holistic hyperproperties
POST'12 Proceedings of the First international conference on Principles of Security and Trust
A certificate infrastructure for machine-checked proofs of conditional information flow
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Verification conditions for source-level imperative programs
Computer Science Review
Scheduler-specific confidentiality for multi-threaded programs and its logic-based verification
FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
Verification of information flow properties of java programs without approximations
FoVeOOS'11 Proceedings of the 2011 international conference on Formal Verification of Object-Oriented Software
Conditional information flow policies and unwinding relations
TGC'11 Proceedings of the 6th international conference on Trustworthy Global Computing
Noninterference via symbolic execution
FMOODS'12/FORTE'12 Proceedings of the 14th joint IFIP WG 6.1 international conference and Proceedings of the 32nd IFIP WG 6.1 international conference on Formal Techniques for Distributed Systems
Secure multi-execution through static program transformation
FMOODS'12/FORTE'12 Proceedings of the 14th joint IFIP WG 6.1 international conference and Proceedings of the 32nd IFIP WG 6.1 international conference on Formal Techniques for Distributed Systems
Enforcing information flow policies by a three-valued analysis
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Verification of partial-information probabilistic systems using counterexample-guided refinements
ATVA'12 Proceedings of the 10th international conference on Automated Technology for Verification and Analysis
Proving concurrent noninterference
CPP'12 Proceedings of the Second international conference on Certified Programs and Proofs
From relational verification to SIMD loop synthesis
Proceedings of the 18th ACM SIGPLAN symposium on Principles and practice of parallel programming
Confidentiality for probabilistic multi-threaded programs and its verification
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Knowledge inference for optimizing secure multi-party computation
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security
Formal verification of side-channel countermeasures using self-composition
Science of Computer Programming
Dependent Type Theory for Verification of Information Flow and Access Control Policies
ACM Transactions on Programming Languages and Systems (TOPLAS)
Probabilistic Relational Reasoning for Differential Privacy
ACM Transactions on Programming Languages and Systems (TOPLAS)
Relational abstract interpretation for the verification of 2-hypersafety properties
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
On bounding problems of quantitative information flow
Journal of Computer Security - ESORICS 2010
Effective verification of confidentiality for multi-threaded programs
Journal of Computer Security - Foundational Aspects of Security
Non-interference is a high-level security property that guarantees the absence of illicit information leakage through executing programs. More precisely, non-interference for a program assumes a separation between secret inputs and public inputs on the one hand, and secret outputs and public outputs on the other hand, and requires that the value of public outputs does not depend on the value of secret inputs. A common means to enforce non-interference is to use an information flow type system. However, such type systems are inherently imprecise, and reject many secure programs, even for simple programming languages. The purpose of this paper is to investigate logical formulations of non-interference that allow a more precise analysis of programs. It appears that such formulations are often sound and complete, and also amenable to interactive or automated verification techniques, such as theorem-proving or model-checking. We illustrate the applicability of our method in several scenarios, including a simple imperative language, a non-deterministic language, and finally a language with shared mutable data structures.
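The contrast the abstract draws, as an added example that is not the paper's own code: a toy imperative language with a Volpano-Smith style security type system beside a semantic check built from self-composition (the program C run in sequence with a renamed copy C', on states that agree on public inputs and differ on secret ones, requiring that public outputs agree). The check is exhaustive over a small value domain, so it is a decision procedure for this finite setting rather than a proof technique. The AST encoding, the level names `L`/`H`, the renaming suffix and the sample programs are all constructed for this example; it goes beyond the abstract by including two programs that are non-interferent but rejected by the type system, which is the imprecision the abstract refers to.

```python
# Added example (not from the paper): non-interference checked two ways on a
# toy imperative language. Everything here is constructed for illustration.
from itertools import product
from typing import Dict, List, Optional, Tuple

State = Dict[str, int]
# Expr: ('const', n) | ('var', x) | ('add', e1, e2) | ('gt', e1, e2)
# Stmt: ('assign', x, e) | ('if', e, then_stmts, else_stmts)
Prog = List[tuple]

def eval_expr(e: tuple, s: State) -> int:
    tag = e[0]
    if tag == 'const': return e[1]
    if tag == 'var': return s[e[1]]
    if tag == 'add': return eval_expr(e[1], s) + eval_expr(e[2], s)
    if tag == 'gt': return int(eval_expr(e[1], s) > eval_expr(e[2], s))
    raise ValueError(f"unknown expression {tag}")

def run(prog: Prog, s: State) -> State:
    """Big-step semantics: returns the final state without mutating the input."""
    s = dict(s)
    for st in prog:
        if st[0] == 'assign':
            s[st[1]] = eval_expr(st[2], s)
        elif st[0] == 'if':
            s = run(st[2] if eval_expr(st[1], s) else st[3], s)
        else:
            raise ValueError(f"unknown statement {st[0]}")
    return s

# --- 1. Security type system: levels 'L' (public) < 'H' (secret). ---
def expr_level(e: tuple, levels: Dict[str, str]) -> str:
    if e[0] == 'const': return 'L'
    if e[0] == 'var': return levels[e[1]]
    return 'H' if 'H' in (expr_level(e[1], levels), expr_level(e[2], levels)) else 'L'

def typechecks(prog: Prog, levels: Dict[str, str], pc: str = 'L') -> bool:
    """Rejects explicit flows (low := high-expr) and implicit flows (low := ... under a high guard)."""
    for st in prog:
        if st[0] == 'assign':
            if levels[st[1]] == 'L' and (pc == 'H' or expr_level(st[2], levels) == 'H'):
                return False
        else:
            guard = 'H' if pc == 'H' or expr_level(st[1], levels) == 'H' else 'L'
            if not (typechecks(st[2], levels, guard) and typechecks(st[3], levels, guard)):
                return False
    return True

# --- 2. Self-composition: C ; C[x'/x] with every variable x renamed to x'. ---
def rename_expr(e: tuple, suffix: str) -> tuple:
    if e[0] == 'const': return e
    if e[0] == 'var': return ('var', e[1] + suffix)
    return (e[0], rename_expr(e[1], suffix), rename_expr(e[2], suffix))

def rename_prog(prog: Prog, suffix: str) -> Prog:
    out = []
    for st in prog:
        if st[0] == 'assign':
            out.append(('assign', st[1] + suffix, rename_expr(st[2], suffix)))
        else:
            out.append(('if', rename_expr(st[1], suffix),
                        rename_prog(st[2], suffix), rename_prog(st[3], suffix)))
    return out

def self_compose(prog: Prog) -> Prog:
    return prog + rename_prog(prog, "'")

def noninterference_counterexample(prog: Prog, levels: Dict[str, str],
                                   domain=(0, 1, 2)) -> Optional[Tuple[State, State]]:
    """Precondition: low == low'. Postcondition: low outputs equal. Returns a violating
    (initial, final) state pair, or None if the program is non-interferent on `domain`."""
    low = [v for v, l in levels.items() if l == 'L']
    high = [v for v, l in levels.items() if l == 'H']
    composed = self_compose(prog)
    for lows in product(domain, repeat=len(low)):
        for h1 in product(domain, repeat=len(high)):
            for h2 in product(domain, repeat=len(high)):
                s = dict(zip(low, lows))                      # shared public inputs
                s.update({v + "'": x for v, x in zip(low, lows)})
                s.update(zip(high, h1))                       # secret inputs of copy 1
                s.update({v + "'": x for v, x in zip(high, h2)})  # secret inputs of copy 2
                out = run(composed, s)
                if any(out[v] != out[v + "'"] for v in low):
                    return (s, out)
    return None

# Sample programs over a public variable l and a secret variable h (constructed).
H, L, ZERO, ONE = ('var', 'h'), ('var', 'l'), ('const', 0), ('const', 1)
LEVELS = {'h': 'H', 'l': 'L'}
PUBLIC_ONLY = [('assign', 'l', ('add', L, ONE))]                  # l := l + 1
EXPLICIT = [('assign', 'l', H)]                                   # l := h
IMPLICIT = [('if', ('gt', H, ZERO), [('assign', 'l', ONE)], [('assign', 'l', ZERO)])]
CONSTANT = [('if', ('gt', H, ZERO), [('assign', 'l', ONE)], [('assign', 'l', ONE)])]
OVERWRITE = [('assign', 'l', H), ('assign', 'l', ZERO)]           # l := h; l := 0

if __name__ == "__main__":
    for name, p in [("public_only", PUBLIC_ONLY), ("explicit", EXPLICIT), ("implicit", IMPLICIT),
                    ("constant_branches", CONSTANT), ("overwrite", OVERWRITE)]:
        ce = noninterference_counterexample(p, LEVELS)
        print(f"{name:18} typechecks={typechecks(p, LEVELS)!s:5} "
              f"non-interferent={'yes' if ce is None else 'no, e.g. ' + str(ce[0])}")
```

The last two sample programs are the point of the example: `CONSTANT` and `OVERWRITE` never let the secret reach the public output, yet the type system rejects both, while the self-composition check, being a statement about the program's actual semantics, accepts them and still finds concrete witnesses for the explicit and implicit leaks.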