English
Related papers

Related papers: A Verified Information-Flow Architecture

200 papers

We propose a new sheaf semantics for secure information flow over a space of abstract behaviors, based on synthetic domain theory: security classes are open/closed partitions, types are sheaves, and redaction of sensitive information…

Programming Languages · Computer Science 2022-04-21 Jonathan Sterling , Robert Harper

In this paper, we propose a tool, called DataProVe, for specifying high-level data protection policies and system architectures, as well as verifying the conformance between them in a fully automated way. The syntax of the policies and the…

Cryptography and Security · Computer Science 2020-12-18 Vinh Thong Ta

The increasing integration of Artificial Intelligence across multiple industry sectors necessitates robust mechanisms for ensuring transparency, trust, and auditability of its development and deployment. This topic is particularly important…

Cryptography and Security · Computer Science 2025-03-31 Kar Balan , Robert Learney , Tim Wood

Embedded, smart, and IoT devices are increasingly popular in numerous everyday settings. Since lower-end devices have the most strict cost constraints, they tend to have few, if any, security features. This makes them attractive targets for…

Cryptography and Security · Computer Science 2023-09-21 Sashidhar Jakkamsetti , Youngil Kim , Andrew Searles , Gene Tsudik

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

Programming Languages · Computer Science 2019-01-09 Ana Almeida Matos , Jan Cederquist

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself,…

Cryptography and Security · Computer Science 2016-08-09 Wojciech Jamroga , Masoud Tabatabaei

Security graphs model attacks, defenses, mitigations, and vulnerabilities on computer networks and systems. With proper attributes, they provide security metrics using standard graph algorithms. A hyperflow graph is a register-transfer…

Cryptography and Security · Computer Science 2023-04-18 Andres Meza , Ryan Kastner

The integration of Artificial Intelligence (AI) into safety-critical systems introduces a new reliability paradigm: silent failures, where AI produces confident but incorrect outputs that can be dangerous. This paper introduces the Formal…

Software Engineering · Computer Science 2026-03-03 Guan-Yan Yang , Farn Wang

Constant-time programming is a countermeasure to prevent cache based attacks where programs should not perform memory accesses that depend on secrets. In some cases this policy can be safely relaxed if one can prove that the program does…

Cryptography and Security · Computer Science 2023-06-22 Cristian Ene , Laurent Mounier , Marie-Laure Potet

Local-first software manages and processes private data locally while still enabling collaboration between multiple parties connected via partially unreliable networks. Such software typically involves interactions with users and the…

Programming Languages · Computer Science 2024-03-13 Julian Haas , Ragnar Mogk , Elena Yanakieva , Annette Bieniusa , Mira Mezini

SAFE is a data-centric platform for building multi-domain networked systems, i.e., systems whose participants are controlled by different principals. Participants make trust decisions by issuing local queries over logic content exchanged in…

Cryptography and Security · Computer Science 2017-01-25 Qiang Cao , Vamsi Thummala , Jeffrey S. Chase , Yuanjun Yao , Bing Xie

Refinement transforms an abstract system model into a concrete, executable program, such that properties established for the abstract model carry over to the concrete implementation. Refinement has been used successfully in the development…

Logic in Computer Science · Computer Science 2021-10-27 Aurel Bílý , Christoph Matheja , Peter Müller

Modern programmable network switches can implement custom applications using efficient packet processing hardware, and the programming language P4 provides high-level constructs to program such switches. The increase in speed and…

Programming Languages · Computer Science 2022-06-15 Karuna Grewal , Loris D'Antoni , Justin Hsu

We propose an approach on model checking information flow for imperative language with procedures. We characterize our model with pushdown system, which has a stack of unbounded length that naturally models the execution of procedural…

Cryptography and Security · Computer Science 2010-12-15 Cong Sun , Liyong Tang , Zhong Chen

We present CleanQ, a high-performance operating-system interface for descriptor-based data transfer with rigorous formal semantics, based on a simple, formally-verified notion of ownership transfer, with a fast reference implementation.…

Operating Systems · Computer Science 2019-11-21 Roni Haecki , Lukas Humbel , Reto Achermann , David Cock , Daniel Schwyn , Timothy Roscoe

Dynamically typed object-oriented languages enable programmers to write elegant, reusable and extensible programs. However, with the current methodology for program verification, the absence of static type information creates significant…

Programming Languages · Computer Science 2015-01-13 Björn Engelmann , Ernst-Rüdiger Olderog , Nils Erik Flick

Non-interference is a semantic program property that assigns confidentiality levels to data objects and prevents illicit information flows from occurring from high to low security levels. In this paper, we present a novel security model for…

Cryptography and Security · Computer Science 2010-06-23 Mauricio Alba-Castro , María Alpuente , Santiago Escobar

We propose an automated verification technique for hypersafety properties, which express sets of valid interrelations between multiple finite runs of a program. The key observation is that constructing a proof for a small representative set…

Programming Languages · Computer Science 2019-05-23 Azadeh Farzan , Anthony Vandikas

Secure function evaluation (SFE) is the process of computing a function (or running an algorithm) on some data, while keeping the input, output and intermediate results hidden from the environment in which the function is evaluated. This…

Cryptography and Security · Computer Science 2013-12-12 Stefan Rass

Attacks targeting software on embedded systems are becoming increasingly prevalent. Remote attestation is a mechanism that allows establishing trust in embedded devices. However, existing attestation schemes are either static and cannot…

Cryptography and Security · Computer Science 2018-10-04 Ghada Dessouky , Shaza Zeitouni , Thomas Nyman , Andrew Paverd , Lucas Davi , Patrick Koeberl , N. Asokan , Ahmad-Reza Sadeghi