Add to ORKGAbstract. Proving software free of security bugs is hard. Programming language support to ensure that programs correctly enforce their security policies would help, but, to date, no language has the ability to verify the enforcement of the kinds of policies used in practice—dynamic, stateful policies which address a broad range of concerns including forms of access control and information flow tracking. This paper presents Fine, a new source-level security-typed language that, through the use of a simple module system and dependent, re-finement, and affine types, checks the enforcement of dynamic security policies applied to real software. Fine is proven sound. A prototype im-plementation of the compiler and several example programs are ava...
In the domain of security policy enforcement, the concerns of application developers are almost comp...
This thesis investigates the specification and the application of dynamic security policies in infor...
This paper presents a language in which information flow is securely controlled by a type system, ye...
Abstract. Proving software free of security bugs is hard. Programming language support to ensure tha...
Proving software free of security bugs is hard. Languages that ensure that programs correctly enforc...
Proving software free of security bugs is hard. Programming lan-guage support to ensure that program...
Over the last 35 years, researchers have proposed many different forms of security policies to contr...
Many organizations specify information release policies to describe the terms under which sensitive ...
Language-based security leverages program analysis and program rewriting to enforce security policie...
Language-based security leverages program analysis and program rewriting to enforce security policie...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
Several recent security-typed programming languages, such as Aura, PCML5, and Fine, allow programmer...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
Dynamic updating of information-flow policies Applications that manipulate sensitive information sho...
This paper presents a language in which information flow is securely controlled by a type system, ye...
In the domain of security policy enforcement, the concerns of application developers are almost comp...
This thesis investigates the specification and the application of dynamic security policies in infor...
This paper presents a language in which information flow is securely controlled by a type system, ye...
Abstract. Proving software free of security bugs is hard. Programming language support to ensure tha...
Proving software free of security bugs is hard. Languages that ensure that programs correctly enforc...
Proving software free of security bugs is hard. Programming lan-guage support to ensure that program...
Over the last 35 years, researchers have proposed many different forms of security policies to contr...
Many organizations specify information release policies to describe the terms under which sensitive ...
Language-based security leverages program analysis and program rewriting to enforce security policie...
Language-based security leverages program analysis and program rewriting to enforce security policie...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
Several recent security-typed programming languages, such as Aura, PCML5, and Fine, allow programmer...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
Dynamic updating of information-flow policies Applications that manipulate sensitive information sho...
This paper presents a language in which information flow is securely controlled by a type system, ye...
In the domain of security policy enforcement, the concerns of application developers are almost comp...
This thesis investigates the specification and the application of dynamic security policies in infor...
This paper presents a language in which information flow is securely controlled by a type system, ye...