Formal Aspects in Security and Trust
Flexible scheduler-independent security
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Runtime enforcement of information flow security in tree manipulating processes
ESSoS'12 Proceedings of the 4th international conference on Engineering Secure Software and Systems
Before starting a rigorous security analysis of a given software system, the most likely outcome is often already clear, namely that the system is not entirely secure. Modifying a program so that it passes the analysis is a difficult problem and is usually left entirely to the programmer. In this article, we show that unification can be used to compute such program transformations, and how. This opens a new perspective on the problem of correcting insecure programs. We also demonstrate that integrating our approach into an existing transforming type system can improve the precision of the analysis and the quality of the resulting programs.