English
Related papers

Related papers: Secure Information Flow by Model Checking Pushdown…

200 papers

Flow-sensitive type systems offer an elegant way to ensure memory-safety in programming languages. Unfortunately, their adoption in new or existing languages is often hindered by a painful effort to implement or integrate them into…

Programming Languages · Computer Science 2021-06-24 Dimitri Racordon , Aurélien Coet , Didier Buchs

We propose a type system to analyze the time consumed by multi-threaded imperative programs with a shared global memory, which delineates a class of safe multi-threaded programs. We demonstrate that a safe multi-threaded program runs in…

Computational Complexity · Computer Science 2012-04-02 Jean-Yves Marion , Romain Péchoux

The Windows Vista operating system implements an interesting model of multi-level integrity. We observe that in this model, trusted code can be blamed for any information-flow attack; thus, it is possible to eliminate such attacks by static…

Cryptography and Security · Computer Science 2008-12-18 Avik Chaudhuri , Prasad Naldurg , Sriram Rajamani

Modern languages are equipped with static type checking/inference that helps programmers to keep a clean programming style and to reduce errors. However, the ever-growing size of programs and their continuous evolution require building fast…

Programming Languages · Computer Science 2018-11-28 Matteo Busi , Pierpaolo Degano , Letterio Galletta

System development is not a linear, one-shot process. It proceeds through refinements and revisions. To support assurance that the system satisfies its requirements, it is desirable that continuous verification can be performed after each…

Logic in Computer Science · Computer Science 2018-11-28 Claudio Menghi , Alessandro Maria Rizzi , Anna Bernasconi

We present POPACheck, the first model checking tool for probabilistic Pushdown Automata (pPDA) supporting temporal logic specifications. POPACheck provides a user-friendly probabilistic modeling language with recursion that automatically…

Logic in Computer Science · Computer Science 2025-06-05 Francesco Pontiggia , Ezio Bartocci , Michele Chiari

We present a deductive approach for the analysis of secure information flows with support for fine-grained policies that include declassifications in the form of delimited information release. By explicitly tracking the dependencies of…

Logic in Computer Science · Computer Science 2015-09-15 Bart van Delft , Richard Bubel

Modern programmable network switches can implement custom applications using efficient packet processing hardware, and the programming language P4 provides high-level constructs to program such switches. The increase in speed and…

Programming Languages · Computer Science 2022-06-15 Karuna Grewal , Loris D'Antoni , Justin Hsu

Researchers have proposed formal definitions of quantitative information flow based on information theoretic notions such as the Shannon entropy, the min entropy, the guessing entropy, and channel capacity. This paper investigates the…

Cryptography and Security · Computer Science 2010-04-02 Hirotoshi Yasuoka , Tachio Terauchi

Information-flow control mechanisms are difficult both to design and to prove correct. To reduce the time wasted on doomed proof attempts due to broken definitions, we advocate modern random testing techniques for finding counterexamples…

We propose a type-based analysis to infer the session protocols of channels in an ML-like concurrent functional language. Combining and extending well-known techniques, we develop a type-checking system that separates the underlying ML type…

Programming Languages · Computer Science 2016-04-14 Carlo Spaccasassi , Vasileios Koutavas

The work concerns formal verification of workflow-oriented software models using deductive approach. The formal correctness of a model's behaviour is considered. Manually building logical specifications, which are considered as a set of…

Software Engineering · Computer Science 2015-01-05 Radoslaw Klimek

Researchers have proposed formal definitions of quantitative information flow based on information theoretic notions such as the Shannon entropy, the min entropy, the guessing entropy, belief, and channel capacity. This paper investigates…

Cryptography and Security · Computer Science 2011-12-20 Hirotoshi Yasuoka , Tachio Terauchi

Compile-time information flow analysis has been a promising technique for protecting confidentiality and integrity of private data. In the last couple of decades, a large number of information flow security tools in the form of run-time…

Programming Languages · Computer Science 2021-03-11 Sandip Ghosal , R. K. Shyamasundar

Security policies are naturally dynamic. Reflecting this, there has been a growing interest in studying information-flow properties which change during program execution, including concepts such as declassification, revocation, and…

Cryptography and Security · Computer Science 2015-01-13 Bart van Delft , Sebastian Hunt , David Sands

We present an automated framework for solidifying the cohesion between software specifications, their dependently typed models, and implementation at compile time. Model Checking and type checking are currently separate techniques for…

Programming Languages · Computer Science 2024-07-18 Thomas Ekström Hansen , Edwin Brady

We present Lifty, a domain-specific language for data-centric applications that manipulate sensitive data. A Lifty programmer annotates the sources of sensitive data with declarative security policies, and the language statically and…

Programming Languages · Computer Science 2020-07-02 Nadia Polikarpova , Deian Stefan , Jean Yang , Shachar Itzhaky , Travis Hance , Armando Solar-Lezama

Information-flow security typing statically preserves confidentiality by enforcing noninterference. To address the practical need of selective and flexible declassification of confidential information, several approaches have developed a…

Programming Languages · Computer Science 2019-10-15 Raimil Cruz , Éric Tanter

Recently, there has been an increase in interest in evaluating large language models for emergent and dangerous capabilities. Importantly, agents could reason that in some scenarios their goal is better achieved if they are not turned off,…

Computation and Language · Computer Science 2023-07-04 Teun van der Weij , Simon Lermen , Leon lang

SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and…