Current tools for analysing information flow in programs build upon ideas going back to Denning\u27s work from the 70\u27s. These systems enforce an imperfect notion of information flow which has become known as termination-insensitive noninterference. Under this version of noninterference, information leaks are permitted if they are transmitted purely by the program\u27s termination behaviour (i.e., whether it terminates or not). This imperfection is the price to pay for having a security condition which is relatively liberal (e.g. allowing while-loops whose termination may depend on the value of a secret) and easy to check. But what is the price exactly? We argue that, in the presence of output, the price is higher than the ``one bit\u27\...
When termination of a program is observable by an adversary, confidential information may be leaked ...
Many programs operate reactively-patiently waiting for user input, running for a while producing out...
With the intensification of communication in information systems, interest in security has increased...
Current tools for analysing information flow in programs build upon ideas going back to Denning's wo...
Abstract—Secure information flow guarantees the secrecy and integrity of data, preventing an attacke...
Tools for analysing secure information flow are almost exclusively based on ideas going back to Denn...
International audienceIn recent years, quantitative security techniques have been providing effectiv...
Part 1: Full PapersInternational audienceConstant-time programming is a countermeasure to prevent ca...
This thesis contributes to the field of language-based information flow analysis with a focus on det...
Abstract—The outputs of a program that processes secret data may reveal information about the values...
AbstractTiming channels constitute one form of covert channels through which programs may be leaking...
Noninterference, a strong security property for a computation process, informally says that the proc...
This paper explores information-flow control for batch-job programs that are allowed to be re-run wi...
When termination of a program is observable by an adversary, con-fidential information may be leaked...
International audienceAn information flow policy is termination-sensitive if it imposes that the ter...
When termination of a program is observable by an adversary, confidential information may be leaked ...
Many programs operate reactively-patiently waiting for user input, running for a while producing out...
With the intensification of communication in information systems, interest in security has increased...
Current tools for analysing information flow in programs build upon ideas going back to Denning's wo...
Abstract—Secure information flow guarantees the secrecy and integrity of data, preventing an attacke...
Tools for analysing secure information flow are almost exclusively based on ideas going back to Denn...
International audienceIn recent years, quantitative security techniques have been providing effectiv...
Part 1: Full PapersInternational audienceConstant-time programming is a countermeasure to prevent ca...
This thesis contributes to the field of language-based information flow analysis with a focus on det...
Abstract—The outputs of a program that processes secret data may reveal information about the values...
AbstractTiming channels constitute one form of covert channels through which programs may be leaking...
Noninterference, a strong security property for a computation process, informally says that the proc...
This paper explores information-flow control for batch-job programs that are allowed to be re-run wi...
When termination of a program is observable by an adversary, con-fidential information may be leaked...
International audienceAn information flow policy is termination-sensitive if it imposes that the ter...
When termination of a program is observable by an adversary, confidential information may be leaked ...
Many programs operate reactively-patiently waiting for user input, running for a while producing out...
With the intensification of communication in information systems, interest in security has increased...