When giving a program access to secret information, one must ensure that the program does not leak the secrets to untrusted sinks. For reducing the complexity of such an information flow analysis, one can employ compositional proof techniques. In this article, we present a new approach to analyzing information flow security in a compositional manner. Instead of committing to a proof technique at the beginning of a verification, this choice is made during verification with the option of flexibly migrating to another proof technique. Our approach also increases the precision of compositional reasoning in comparison to the traditional approach. We illustrate the advantages in two exemplary securit...
A classic problem in security is that of checking that a program has secure information flow...
We present a general unwinding framework for the definition of information flow security properties ...
This paper studies the foundations of information-flow security for interactive programs. Previous r...
When giving a program access to secret information, one must ensure that the program does not le...
be transferred) Abstract. When giving a program access to secret information, one must ensure that t...
Methods for proving that concurrent software does not leak its secrets have remained an active topic ...
Research in information-flow security aims at developing methods to identify undesired information l...
We give a formal definition of the notion of information flow for a simple guarded command language....
Information flow policies are confidentiality policies that control information leakage through prog...
The Compositional Security Checker (CoSeC for short) is a semantic-based tool for the automatic veri...
Interactive/Reactive computational model is known to be proper abstraction of many pervasively used ...
Software pervades our society deeper with every year. This trend makes software security more and mo...
We present an approach to formally prove secure information flow in multi-threaded programs. We star...
“Classical” proofs of secure systems are based on reducing the hardness of one problem (defined by t...
In this thesis, we elaborate a uniform basis for the systematic investigation of possibilistic infor...