This paper presents an approach to analyze stack-based assembly code with respect to leakages of private information. We consider systems implementing a multilevel security policy, where the security levels form a lattice. The approach is based on abstract interpretation of the operational semantics. We consider a representative subset of instructions of conventional stack-based assembly languages. We define a collecting small-step semantics of the language, enhanced to convey the level of the information flow during execution: this is accomplished by annotating each value with the level of the information on which it depends. Then we define an abstract semantics of the language that abstracts from actual data and maintains only the annotat...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
This thesis is concerned with static code analysis. More particularly, with code analysis techniques...
Abstract The first part of the thesis investigates confidentiality, i.e. the problem of determining ...
AbstractWe propose a method to analyze secure information flow in stack-based assembly languages, co...
We present a tool supporting the verification of programs written in stack-based assembly language a...
Abstract. We study secure information flow in a stack based Typed Assembly Language (TAL). We define...
We present a method based on abstract interpretation to check secure information flow in programs wi...
Many software systems adopt isolation mechanisms of modern processors as software security building ...
Abstract. Non-interference is a desirable property of systems in a multilevel security architecture,...
This paper presents a technique for verifying secure information flow in concurrent programs consist...
AbstractA classic problem in security is that of checking that a program has secure information flow...
Many software systems adopt isolation mechanisms of modern processors as software security building ...
Many software systems adopt isolation mechanisms of modern processors as software security building ...
Abstract interpretation of operational semantics for secure information flow was discussed. This app...
It is common to prove by reasoning over source code that programs do not leak sensitive data. But do...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
This thesis is concerned with static code analysis. More particularly, with code analysis techniques...
Abstract The first part of the thesis investigates confidentiality, i.e. the problem of determining ...
AbstractWe propose a method to analyze secure information flow in stack-based assembly languages, co...
We present a tool supporting the verification of programs written in stack-based assembly language a...
Abstract. We study secure information flow in a stack based Typed Assembly Language (TAL). We define...
We present a method based on abstract interpretation to check secure information flow in programs wi...
Many software systems adopt isolation mechanisms of modern processors as software security building ...
Abstract. Non-interference is a desirable property of systems in a multilevel security architecture,...
This paper presents a technique for verifying secure information flow in concurrent programs consist...
AbstractA classic problem in security is that of checking that a program has secure information flow...
Many software systems adopt isolation mechanisms of modern processors as software security building ...
Many software systems adopt isolation mechanisms of modern processors as software security building ...
Abstract interpretation of operational semantics for secure information flow was discussed. This app...
It is common to prove by reasoning over source code that programs do not leak sensitive data. But do...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
This thesis is concerned with static code analysis. More particularly, with code analysis techniques...
Abstract The first part of the thesis investigates confidentiality, i.e. the problem of determining ...