International audienceMotivated by the problem of stateless web tracking (fingerprinting), we propose a novel approach to hybrid information flow monitoring by tracking the knowledge about secret variables using logical formulae. This knowledge representation helps to compare and improve precision of hybrid infor- mation flow monitors. We define a generic hybrid monitor parametrised by a static analysis and derive sufficient conditions on the static analysis for sound- ness and relative precision of hybrid monitors. We instantiate the generic monitor with a combined static constant and dependency analysis. Several other hybrid monitors including those based on well-known hybrid techniques for information flow control are formalised as insta...
As more and more sensitive data is handled by software, itstrustworthiness becomes an increasingly i...
We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an...
We present a framework for monitoring information flow in security-critical reactive systems, such a...
International audienceMotivated by the problem of stateless web tracking (fingerprinting), we propos...
Hybrid information-flow monitors use a combination of static analysis and dynamic mechanisms to prov...
Part 9: Software SecurityInternational audienceWe present a novel progress-sensitive, flow-sensitive...
Secure integration of third-party code is one of the prime challenges for securing today\u27s web. R...
The Web is evolving into a melting pot of content coming from multiple stakeholders. In this mutuall...
International audienceEnforcement of noninterference requires proving that an attacker's knowledge a...
This thesis explores information-flow tracking technologies and their applicability on industrial-sc...
This thesis introduces and details the effort of modeling and control design of an information track...
While information-flow security is a well-established area, there is an unsettling gap between heavy...
Over the years, computer systems and applications have grown significantly complex while handling a ...
Abstract. Much progress has recently been made on information flow control, enabling the enforcement...
Information-flow analysis has largely ignored the setting where the analyst has neither control over...
As more and more sensitive data is handled by software, itstrustworthiness becomes an increasingly i...
We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an...
We present a framework for monitoring information flow in security-critical reactive systems, such a...
International audienceMotivated by the problem of stateless web tracking (fingerprinting), we propos...
Hybrid information-flow monitors use a combination of static analysis and dynamic mechanisms to prov...
Part 9: Software SecurityInternational audienceWe present a novel progress-sensitive, flow-sensitive...
Secure integration of third-party code is one of the prime challenges for securing today\u27s web. R...
The Web is evolving into a melting pot of content coming from multiple stakeholders. In this mutuall...
International audienceEnforcement of noninterference requires proving that an attacker's knowledge a...
This thesis explores information-flow tracking technologies and their applicability on industrial-sc...
This thesis introduces and details the effort of modeling and control design of an information track...
While information-flow security is a well-established area, there is an unsettling gap between heavy...
Over the years, computer systems and applications have grown significantly complex while handling a ...
Abstract. Much progress has recently been made on information flow control, enabling the enforcement...
Information-flow analysis has largely ignored the setting where the analyst has neither control over...
As more and more sensitive data is handled by software, itstrustworthiness becomes an increasingly i...
We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an...
We present a framework for monitoring information flow in security-critical reactive systems, such a...