English
Related papers

Related papers: A Verified Information-Flow Architecture

200 papers

We present a deductive approach for the analysis of secure information flows with support for fine-grained policies that include declassifications in the form of delimited information release. By explicitly tracking the dependencies of…

Logic in Computer Science · Computer Science 2015-09-15 Bart van Delft , Richard Bubel

We introduce a new perspective into the field of quantitative information flow (QIF) analysis that invites the community to bound the leakage, reported by QIF quantifiers, by a range consistent with the size of a program's secret input…

Cryptography and Security · Computer Science 2012-06-06 Sari Haj Hussein

Control flow in unstructured programs can be complex and dynamic, which makes static analysis difficult. Yet, automated reasoning about unstructured control flow is important when certifying properties of binary (machine) code in…

Programming Languages · Computer Science 2026-01-15 Andreas Lindner , Karl Palmskog , Scott Constable , Mads Dam , Roberto Guanciale , Hamed Nemati

Frontier AI models pose increasing risks to public safety and international security, creating a pressing need for AI developers to provide credible guarantees about their development activities without compromising proprietary information.…

Cryptography and Security · Computer Science 2025-06-19 James Petrie , Onni Aarne

Security-critical system requirements are increasingly enforced through mandatory access control systems. These systems are controlled by security policies, highly sensitive system components, which emphasizes the paramount importance of…

Cryptography and Security · Computer Science 2017-06-13 Peter Amthor

The development and deployment of safe and dependable AI models is crucial in applications where functional safety is a key concern. Given the rapid advancement in AI research and the relative novelty of the safe-AI domain, there is an…

Software Engineering · Computer Science 2025-03-21 Suzana Veljanovska , Hans Dermot Doran

In workflows and business processes, there are often security requirements on both the data, i.e. confidentiality and integrity, and the process, e.g. separation of duty. Graphical notations exist for specifying both workflows and…

Cryptography and Security · Computer Science 2014-04-09 Thomas Bauereiss , Dieter Hutter

In today's machine learning (ML) models, any part of the training data can affect the model output. This lack of control for information flow from training data to model output is a major obstacle in training models on sensitive data when…

Environmental noise (e.g.heat, ionized particles, etc.) causes transient faults in hardware, which lead to corruption of stored values. Mission-critical devices require such faults to be mitigated by fault-tolerance --- a combination of…

Cryptography and Security · Computer Science 2014-10-28 Filippo Del Tedesco , David Sands , Alejandro Russo

We present Labeled Input Output in F* (LIO*), a verified framework that enforces information flow control (IFC) policies developed in F* and automatically extracted to C. Inspired by LIO, we encapsulated IFC policies into effects, but using…

Cryptography and Security · Computer Science 2020-04-29 Jean-Joseph Marty , Lucas Franceschino , Jean-Pierre Talpin , Niki Vazou

For all the successes in verifying low-level, efficient, security-critical code, little has been said or studied about the structure, architecture and engineering of such large-scale proof developments. We present the design, implementation…

Programming Languages · Computer Science 2023-07-10 Son Ho , Aymeric Fromherz , Jonathan Protzenko

Through the increasing interconnection between various systems, the need for confidential systems is increasing. Confidential systems share data only with authorized entities. However, estimating the confidentiality of a system is complex,…

Software Engineering · Computer Science 2023-08-04 Felix Schwickerath , Nicolas Boltz , Sebastian Hahner , Maximilian Walter , Christopher Gerking , Robert Heinrich

This work provides a study to demonstrate the potential of using off-the-shelf programming languages and their theories to build sound language-based-security tools. Our study focuses on information flow security encompassing…

Cryptography and Security · Computer Science 2020-07-20 Minh Ngo , David A. Naumann , Tamara Rezk

Web applications written in JavaScript are regularly used for dealing with sensitive or personal data. Consequently, reasoning about their security properties has become an important problem, which is made very difficult by the highly…

Programming Languages · Computer Science 2013-02-14 Martin Lester , Luke Ong , Max Schaefer

The design of reliable circuits has received a lot of attention in the past, leading to the definition of several design techniques introducing fault detection and fault tolerance properties in systems for critical…

Hardware Architecture · Computer Science 2011-11-09 C. Bolchini , F. Salice , D. Sciuto , L. Pomante

Information flow security ensures that the secret data manipulated by a program does not influence its observable output. Proving information flow security is especially challenging for concurrent programs, where operations on secret data…

Cryptography and Security · Computer Science 2023-04-12 Marco Eilers , Thibault Dardinier , Peter Müller

Translating security intent into deployable network enforcement rules and maintaining their effectiveness despite evolving cyber threats remains a largely manual process in most Security Operations Centers (SOCs). In large and heterogeneous…

Cryptography and Security · Computer Science 2026-04-03 Davide Colaiacomo , Chiara Bonfanti , Cataldo Basile

Lower-end IoT devices typically have strict cost constraints that rule out usual security mechanisms available in general-purpose computers or higher-end devices. To secure low-end devices, various low-cost security architectures have been…

Cryptography and Security · Computer Science 2024-01-12 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Norrathep Rattanavipanon , Gene Tsudik

In today's world, critical infrastructure is often controlled by computing systems. This introduces new risks for cyber attacks, which can compromise the security and disrupt the functionality of these systems. It is therefore necessary to…

Formal Languages and Automata Theory · Computer Science 2021-09-06 Tomas Kulik , Brijesh Dongol , Peter Gorm Larsen , Hugo Daniel Macedo , Steve Schneider , Peter Würtz Vinther Tran-Jørgensen , Jim Woodcock

We give a rigorous characterization of what it means for a programming language to be memory safe, capturing the intuition that memory safety supports local reasoning about state. We formalize this principle in two ways. First, we show how…

Programming Languages · Computer Science 2018-04-10 Arthur Azevedo de Amorim , Catalin Hritcu , Benjamin C. Pierce
‹ Prev 1 3 4 5 6 7 10 Next ›