When a computer program requires legitimate access to confidential data, the question arises whether such a program may illegally reveal sensitive information. This paper proposes a policy model to specify what information flow is permitted in a computational system. The security definition, which is based on a general notion of information lattices, allows various representations of information to be used in the enforcement of secure information flow in deterministic or nondeterministic systems. A flexible semantics-based analysis technique is presented, which uses the input-output relational model induced by an attacker's observational power, to compute the information released by the computational system. An illustrative attacker model d...
Securing information flow is essential to methods that must ensure confidentiality, but information-...
AbstractIn this paper, we study secure information flow policies in the sense of Meadows [C. Meadows...
Despite the variety of tools and techniques deployed in order to protect sensitive data, ranging fro...
When a computer program requires legitimate access to confidential data, the question arises whether...
When a computer program requires legitimate access to confidential data, the question arises whether...
This paper investigates mechanisms that guarantee secure information flow in a computer system. Thes...
Information systems manage different types of data, commonly classified between public and secret da...
This thesis explores several ways to diversify the field of Information Flow Control. At the heart o...
Information flow techniques typically classify information according to suitable security levels and...
Sensitive information is a crucial asset for both individuals and companies. Since it is processed i...
AbstractA classic problem in security is that of checking that a program has secure information flow...
This paper presents a certification mechanism for verifying the secure flow of information through a...
Interactive/Reactive computational model is known to be proper abstraction of many pervasively used ...
Security is rarely a static notion. What is considered to be confidential or untrusted data varies o...
This paper was part of the 2nd International Workshop on Managing Insider Security Threats (MIST 201...
Securing information flow is essential to methods that must ensure confidentiality, but information-...
AbstractIn this paper, we study secure information flow policies in the sense of Meadows [C. Meadows...
Despite the variety of tools and techniques deployed in order to protect sensitive data, ranging fro...
When a computer program requires legitimate access to confidential data, the question arises whether...
When a computer program requires legitimate access to confidential data, the question arises whether...
This paper investigates mechanisms that guarantee secure information flow in a computer system. Thes...
Information systems manage different types of data, commonly classified between public and secret da...
This thesis explores several ways to diversify the field of Information Flow Control. At the heart o...
Information flow techniques typically classify information according to suitable security levels and...
Sensitive information is a crucial asset for both individuals and companies. Since it is processed i...
AbstractA classic problem in security is that of checking that a program has secure information flow...
This paper presents a certification mechanism for verifying the secure flow of information through a...
Interactive/Reactive computational model is known to be proper abstraction of many pervasively used ...
Security is rarely a static notion. What is considered to be confidential or untrusted data varies o...
This paper was part of the 2nd International Workshop on Managing Insider Security Threats (MIST 201...
Securing information flow is essential to methods that must ensure confidentiality, but information-...
AbstractIn this paper, we study secure information flow policies in the sense of Meadows [C. Meadows...
Despite the variety of tools and techniques deployed in order to protect sensitive data, ranging fro...