Type inference and informative error reporting for secure information flow
Proceedings of the 44th annual Southeast regional conference
Secure information flow for a concurrent language with scheduling
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Catch me if you can: permissive yet secure error handling
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Combining different proof techniques for verifying information flow security
LOPSTR'06 Proceedings of the 16th international conference on Logic-based program synthesis and transformation
An accurate type system for information flow in presence of arrays
FMOODS'11/FORTE'11 Proceedings of the joint 13th IFIP WG 6.1 and 30th IFIP WG 6.1 international conference on Formal techniques for distributed systems
Efficient incremental information flow control with nested control regions
Proceedings of the 1st ACM SIGPLAN international workshop on Programming language and systems technologies for internet clients
ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
Data flow analysis of embedded program expressions
AISC '12 Proceedings of the Tenth Australasian Information Security Conference - Volume 125
Hi-index | 0.00 |
Our goal in this paper is to make secure informationflow typing more practical.We propose simple and permissivetyping rules for array operations in a simple sequentialimperative language.Arrays are given types of the form驴驴 and 驴驴, where 驴驴 is the security class of thearray's contents and 驴驴 is the security class of the array's length.Tokeep the typing rules permissive, we propose a novel, lenientsemantics for out-of-bounds array indices.We showthat our type system ensures a noninterference property, andwe present an example that suggests that it will not be toodifficult in practice to write programs that satisfy the typing rules.