This paper specifies a nontermination-insensitive, interprocedural, information flow analysis for object-oriented programs via a Hoare-like logic. Pointer aliasing is ubiquitous in such programs, and can potentially leak confidential information. Therefore, assertions in the logic not only describe the noninterference property that formalizes confidentiality, but also describe aliasing properties. The representation of noninterference in assertions makes explicit the independences between variables and addresses. The logic is flow-sensitive and can deem secure more programs than extant type-based information flow analyses. Modular (or local) reasoning is a critical component of the logic. Apart from supporting interprocedural reasoning in a ...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Abstract: This talk gives an overview of various approaches for verifying the correctness of programs ...
We give a formal definition of the notion of information flow for a simple guarded command language....
A common theoretical assumption in the study of information flow security in Java-like languages is ...
Part 4: Software Security. International audience. Novel approaches for dynamic information flow monitor...
Common protection mechanisms fail to provide end-to-end security; programs with legitimate access to...
Abstract: We specify an information flow analysis for a simple imperative language, using a Hoare-like...
This work is organized in seven chapters. The introduction, Chapter 1, illustrates the context and ...
Abstract: This paper describes an empirical comparison of the effectiveness of six context-insensitive...
We consider a sequential object-oriented language with pointers and mutable state, private fields an...
We present interpretations of type systems for secure information flow in Hoare logic, complementing...
Abstract: A classic problem in security is that of checking that a program has secure information flow...
Conference of 4th International Workshop on Verification and Program Transformation, VPT 2016; Conf...
If we classify variables in a program into various security levels, then a secure information flow a...
Pointer analysis is a fundamental static program analysis, with a rich literature and wide applicati...