Add to ORKGA common theoretical assumption in the study of information flow security in Java-like languages is that pointers are opaque - i.e., that the only properties that can be observed of pointers are the objects to which they point, and (at most) their equality. These assumptions often fail in practice. For example, various important operations in Java's standard API, such as hashcodes or serialization, might break pointer opacity. As a result, information-flow static analyses which assume pointer opacity risk being unsound in practice, since the pointer representation provides an unchecked implicit leak. We investigate information flow in the presence of non-opaque pointers for an imperative language with records, pointer instructions and excep...
This paper explores information flow control in systems in which the security classes of data can va...
Language-based information-flow security is concerned with specifying and enforcing security policie...
Security of Java programs is important as they can be executed in different platforms. This paper ad...
Common protection mechanisms fail to provide end-to-end security; programs with legitimate access to...
We consider a sequential object-oriented language with pointers and mutable state, private fields an...
This paper specifies a nontermination-insensitive, interprocedural, information flow analysis for ob...
Abstract — In classic information flow control (IFC), noninterference guarantees that no information...
Abstract. This paper contributes to the investigation of object-sensitive information flow propertie...
It is a common practice to retrieve code from an outside source, execute it and return the result to...
Part 4: Software SecurityInternational audienceNovel approaches for dynamic information flow monitor...
Non-interference is a semantical condition on programs that guarantees the absence of illicit inform...
A semantic-based approach is commonly considered more precise than the type-based approach to enforc...
Abstract. Non-interference is the property of a program not to leak any secret information. In this ...
This thesis improves the current state of the art on information-flow control of interactive and obj...
Language-based information flow analysis is used to statically examine a program for information flo...
This paper explores information flow control in systems in which the security classes of data can va...
Language-based information-flow security is concerned with specifying and enforcing security policie...
Security of Java programs is important as they can be executed in different platforms. This paper ad...
Common protection mechanisms fail to provide end-to-end security; programs with legitimate access to...
We consider a sequential object-oriented language with pointers and mutable state, private fields an...
This paper specifies a nontermination-insensitive, interprocedural, information flow analysis for ob...
Abstract — In classic information flow control (IFC), noninterference guarantees that no information...
Abstract. This paper contributes to the investigation of object-sensitive information flow propertie...
It is a common practice to retrieve code from an outside source, execute it and return the result to...
Part 4: Software SecurityInternational audienceNovel approaches for dynamic information flow monitor...
Non-interference is a semantical condition on programs that guarantees the absence of illicit inform...
A semantic-based approach is commonly considered more precise than the type-based approach to enforc...
Abstract. Non-interference is the property of a program not to leak any secret information. In this ...
This thesis improves the current state of the art on information-flow control of interactive and obj...
Language-based information flow analysis is used to statically examine a program for information flo...
This paper explores information flow control in systems in which the security classes of data can va...
Language-based information-flow security is concerned with specifying and enforcing security policie...
Security of Java programs is important as they can be executed in different platforms. This paper ad...