Interactive/Reactive computational model is known to be proper abstraction of many pervasively used systems, such as client-side web-based applications. The critical task of information flow control mechanisms aims to determine whether the interactive program can guarantee the confidentiality of secret data. We propose an efficient and flow-sensitive static analysis to enforce information flow policy on program with interactive I/Os. A reachability analysis is performed on the abstract model after a form of transformation, called multi-composition, to check the conformance with the policy. In the multi-composition we develop a store-match pattern to avoid duplicating the I/O channels in the model, and use the principle of secure multi-execu...
Security is rarely a static notion. What is considered to be confidential or untrusted data varies o...
Abstract. We propose a programmable framework that can be eas-ily instantiated to enforce a large va...
This paper seeks to answer fundamental questionsabout trade-offs between static and dynamic security...
The reactive computational model is pervasively used as a proper abstraction of web-based applicatio...
When giving a program access to secret information, one must ensure that the program does not le...
This thesis explores several ways to diversify the field of Information Flow Control. At the heart o...
When a computer program requires legitimate access to confidential data, the question arises whether...
This thesis improves the current state of the art on information-flow control of interactive and obj...
When a computer program requires legitimate access to confidential data, the question arises whether...
Abstract. In this article, we propose a static information-flow analysis for multi-threaded programs...
Software pervades our society deeper with every year. This trend makes software security more and mo...
When a computer program requires legitimate access to confidential data, the question arises whether...
In today's information-based society, guaranteeing information security plays an important role in a...
This paper studies the foundations of information-flow security for interactive programs. Previous r...
Abstract. When giving a program access to secret information, one must ensure that the program does ...
Security is rarely a static notion. What is considered to be confidential or untrusted data varies o...
Abstract. We propose a programmable framework that can be eas-ily instantiated to enforce a large va...
This paper seeks to answer fundamental questionsabout trade-offs between static and dynamic security...
The reactive computational model is pervasively used as a proper abstraction of web-based applicatio...
When giving a program access to secret information, one must ensure that the program does not le...
This thesis explores several ways to diversify the field of Information Flow Control. At the heart o...
When a computer program requires legitimate access to confidential data, the question arises whether...
This thesis improves the current state of the art on information-flow control of interactive and obj...
When a computer program requires legitimate access to confidential data, the question arises whether...
Abstract. In this article, we propose a static information-flow analysis for multi-threaded programs...
Software pervades our society deeper with every year. This trend makes software security more and mo...
When a computer program requires legitimate access to confidential data, the question arises whether...
In today's information-based society, guaranteeing information security plays an important role in a...
This paper studies the foundations of information-flow security for interactive programs. Previous r...
Abstract. When giving a program access to secret information, one must ensure that the program does ...
Security is rarely a static notion. What is considered to be confidential or untrusted data varies o...
Abstract. We propose a programmable framework that can be eas-ily instantiated to enforce a large va...
This paper seeks to answer fundamental questionsabout trade-offs between static and dynamic security...