In the realm of sound object-oriented program analyses for information-flow control, very few approaches adopt flow-sensitive abstractions of the heap that enable a precise modeling of implicit flows. To tackle this challenge, we advance a new symbolic abstraction approach for modeling the heap in Java-like programs. We use a store-less representation that is parameterized with a family of relations among references to offer various levels of precision based on user preferences. This enables us to automatically infer polymorphic information-flow guards for methods via a co-reachability analysis of a symbolic finite-state system. We instantiate the heap abstraction with three different families of relations. We prove the soundness of our app...
Technical report. A type system is introduced for a strict but expressive subse...
Assume/Guarantee (A/G) reasoning for heap-manipulating programs is challenging because the h...
Field-sensitive static analyses of object-oriented code use approximations of the computational stat...
A semantic-based approach is commonly considered more precise than the type-based approach to enforc...
acmid: 2382791 issue_date: November 2012 keywords: algorithms, security, verification numpages: 5acm...
We introduce an abstract domain for information-flow analysis of software. The proposal combines var...
A type system is introduced for a strict but expressive subset of Java in orde...
In this paper we present a flow-sensitive analysis for secure information fl...
Dependence information between program values is extensively used in many program optimization techn...
Static analysis which takes into account the values of data stored in the heap is considered complex...
In this thesis, the JavaDL logic is amended by a new modality for the verification of termination-in...
Context sensitive pointer analyses based on Whaley and Lam’s bddbddb system have been shown to scale...
Current techniques for validating and verifying program changes often consider the entire program, e...
We present a novel abstraction framework for heap data structures that uses graph grammars, ...
Quantitative Information Flow (QIF) is a powerful approach to quantify leaks of confidential informa...