Compilers: principles, techniques, and tools
Compilers: principles, techniques, and tools
Inductive definitions, semantics and abstract interpretations
POPL '92 Proceedings of the 19th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Abstract interpretation: a semantics-based tool for program analysis
Handbook of logic in computer science (vol. 4)
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A semantic approach to secure information flow
Science of Computer Programming - Special issue on mathematics of program construction
A sound type system for secure flow analysis
Journal of Computer Security
An Axiomatic Approach to Information Flow in Programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Checking security of Java bytecode by abstract interpretation
Proceedings of the 2002 ACM symposium on Applied computing
A unified approach to global program optimization
POPL '73 Proceedings of the 1st annual ACM SIGACT-SIGPLAN symposium on Principles of programming languages
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Java Virtual Machine Specification
Java Virtual Machine Specification
Bytecode verification on Java smart cards
Software—Practice & Experience
Abstract interpretation of operational semantics for secure information flow
Information Processing Letters
A notion of non-interference for timed automata
Fundamenta Informaticae
Secure Information Flow via Linear Continuations
Higher-Order and Symbolic Computation
VMCAI '02 Revised Papers from the Third International Workshop on Verification, Model Checking, and Abstract Interpretation
Compile-Time Detection of Information Flow in Sequential Programs
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Checking Secure Interactions of Smart Card Applets
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Security Typings by Abstract Interpretation
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Java Bytecode Verification: Algorithms and Formalizations
Journal of Automated Reasoning
Fundamenta Informaticae - Concurrency specification and programming
Abstract non-interference: parameterizing non-interference by abstract interpretation
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Java bytecode verification for secure information flow
ACM SIGPLAN Notices
Non-interference for a JVM-like language
TLDI '05 Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation
Statically checking confidentiality via dynamic labels
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
Software—Practice & Experience
On flow-sensitive security types
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A logic for information flow in object-oriented programs
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Using Control Dependencies for Space-Aware Bytecode Verification
The Computer Journal
A typed assembly language for non-interference
ICTCS'05 Proceedings of the 9th Italian conference on Theoretical Computer Science
Information flow analysis for java bytecode
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Information flow for Algol-like languages
Computer Languages, Systems and Structures
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
We propose a method to analyze secure information flow in stack-based assembly languages, communicating with the external environment by means of input and output channels. The method computes for each instruction a security level for each memory variable and stack element. Instruction-level security analysis is flow-sensitive and hence is more precise than other analyses, such as standard security typing. Instruction-level security analysis is specified in the framework of abstract interpretation. We define concrete operational semantics which handles, in addition to execution aspects, the flow of information of the program. The basis of the approach is that each value is annotated by a security level and that the abstract domain is obtained from the concrete one by keeping the security levels and forgetting the actual values. Operand stack are abstracted as fixed-length stacks of security levels. An abstract state is a map from instructions to abstract machine configurations, where values are substituted by security levels. The abstract semantics consists of a set of abstract rules manipulating abstract states. The instruction-level security typing can be performed by an efficient fixpoint iteration algorithm, similar to that used by bytecode verification.