This thesis is concerned with static code analysis. More particularly, with code analysis techniques for checking information flows in programs. First this thesis describes why is important to trace the information flows in a program, it introduces some fundamental concepts and presents the state of art. Then, two methods for checking secure information flow are proposed. The first is based on code transformation, and reuses the type analysis of the Java byte code Verifier. This method analyses programs written in a subset of the Java Virtual Machine Language. The second approach, named instruction-level security typing, has been defined in the framework of Abstract Interpretation end ha been shown more precise than standard typing approach...
This thesis investigates the specification and the application of dynamic security policies in infor...
Programs contain bugs. Finding program bugs is important, especially in situations where safety and ...
International audienceIn this paper we present a flow-sensitive analysis for secure informa- tion fl...
Security of Java programs is important as they can be executed in different platforms. This paper ad...
The article of record as published may be located at http://dx.doi.org/10.1016/S0167-4048(97)00002...
It is a common practice to retrieve code from an outside source, execute it and return the result to...
Some of the most promising work in the area of enforcing secure information ow in programs is based ...
We present a method based on abstract interpretation to check secure information flow in programs wi...
A new approach to dynamic information flow analysis is presented that can be used to detect and debu...
We present a method to certify a subset of the Java bytecode, with respect to security. The method i...
If we classify variables in a program into various security levels, then a secure information flow a...
AbstractWe propose a method to analyze secure information flow in stack-based assembly languages, co...
A static program analysis called information flow analysis has been studied for high-level programm...
Information flow analysis is concerned with validating the security of information flows between obj...
When an applet is sent over the internet, Java Virtual Machine code is transmitted and remotely exec...
This thesis investigates the specification and the application of dynamic security policies in infor...
Programs contain bugs. Finding program bugs is important, especially in situations where safety and ...
International audienceIn this paper we present a flow-sensitive analysis for secure informa- tion fl...
Security of Java programs is important as they can be executed in different platforms. This paper ad...
The article of record as published may be located at http://dx.doi.org/10.1016/S0167-4048(97)00002...
It is a common practice to retrieve code from an outside source, execute it and return the result to...
Some of the most promising work in the area of enforcing secure information ow in programs is based ...
We present a method based on abstract interpretation to check secure information flow in programs wi...
A new approach to dynamic information flow analysis is presented that can be used to detect and debu...
We present a method to certify a subset of the Java bytecode, with respect to security. The method i...
If we classify variables in a program into various security levels, then a secure information flow a...
AbstractWe propose a method to analyze secure information flow in stack-based assembly languages, co...
A static program analysis called information flow analysis has been studied for high-level programm...
Information flow analysis is concerned with validating the security of information flows between obj...
When an applet is sent over the internet, Java Virtual Machine code is transmitted and remotely exec...
This thesis investigates the specification and the application of dynamic security policies in infor...
Programs contain bugs. Finding program bugs is important, especially in situations where safety and ...
International audienceIn this paper we present a flow-sensitive analysis for secure informa- tion fl...