English
Related papers

Related papers: Nonmalleable Information Flow: Technical Report

200 papers

Information-flow control systems often enforce progress-insensitive noninterference, as it is simple to understand and enforce. Unfortunately, real programs need to declassify results and endorse inputs, which noninterference disallows,…

Cryptography and Security · Computer Science 2025-07-29 Ethan Cecchetti

Practitioners of secure information flow often face a design challenge: what is the right semantic treatment of leaks via termination? On the one hand, the potential harm of untrusted code calls for strong progress-sensitive security. On…

Programming Languages · Computer Science 2020-05-12 Johan Bay , Aslan Askarov

Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced…

Programming Languages · Computer Science 2015-07-01 Aslan Askarov , Andrew Myers

Information-flow security typing statically preserves confidentiality by enforcing noninterference. To address the practical need of selective and flexible declassification of confidential information, several approaches have developed a…

Programming Languages · Computer Science 2019-10-15 Raimil Cruz , Éric Tanter

Noninterference offers a rigorous end-to-end guarantee for secure propagation of information. However, real-world systems almost always involve security requirements that change during program execution, making noninterference inapplicable.…

Cryptography and Security · Computer Science 2021-09-17 Peixuan Li , Danfeng Zhang

Information flow type systems enforce the security property of noninterference by detecting unauthorized data flows at compile-time. However, they require precise type annotations, making them difficult to use in practice as much of the…

Programming Languages · Computer Science 2021-02-10 Abhishek Bichhawat , McKenna McCall , Limin Jia

Noninterference provides a control over information flow in a system for ensuring confidentiality and integrity properties. In the literature this notion has been well studied as transitive noninterference and intransitive noninterference.…

Cryptography and Security · Computer Science 2010-03-23 Chenyi Zhang

Noninterference guarantees that an attacker cannot infer secrets by interacting with a program. Information flow control (IFC) type systems assert noninterference by tracking the level of information learned (pc) and disallowing…

Programming Languages · Computer Science 2024-07-31 Farzaneh Derakhshan , Stephanie Balzer , Yue Yao

Information-flow security type systems ensure confidentiality by enforcing noninterference: a program cannot leak private data to public channels. However, in practice, programs need to selectively declassify information about private data.…

Programming Languages · Computer Science 2019-11-13 Raimil Cruz , Éric Tanter

In automated complexity analysis, noninterference-based type systems statically guarantee, via soundness, the property that well-typed programs compute functions of a given complexity class, e.g., the class FP of functions computable in…

Logic in Computer Science · Computer Science 2024-01-29 Emmanuel Hainry , Bruce M. Kapron , Jean-Yves Marion , Romain Péchoux

SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and…

Language-based information flow security aims to decide whether an action-observable program can unintentionally leak confidential information if it has the authority to access confidential data. Recent concerns about declassification…

Cryptography and Security · Computer Science 2016-11-18 Cong Sun , Liyong Tang , Zhong Chen

The disastrous vulnerabilities in smart contracts sharply remind us of our ignorance: we do not know how to write code that is secure in composition with malicious code. Information flow control has long been proposed as a way to achieve…

Cryptography and Security · Computer Science 2023-07-21 Ethan Cecchetti , Siqiu Yao , Haobin Ni , Andrew C. Myers

Constant-time programming is a countermeasure to prevent cache based attacks where programs should not perform memory accesses that depend on secrets. In some cases this policy can be safely relaxed if one can prove that the program does…

Cryptography and Security · Computer Science 2023-06-22 Cristian Ene , Laurent Mounier , Marie-Laure Potet

Quantum cryptography has been extensively studied in the last twenty years, but information-flow security of quantum computing and communication systems has been almost untouched in the previous research. Duo to the essential difference…

Cryptography and Security · Computer Science 2013-01-30 Mingsheng Ying , Yuang Feng , Nengkun Yu

To ensure programs do not leak private data, we often want to be able to provide formal guarantees ensuring such data is handled correctly. Often, we cannot keep such data secret entirely; instead programmers specify how private data may be…

Programming Languages · Computer Science 2026-04-21 Jan Menz , Andrew K. Hirsch , Peixuan Li , Deepak Garg

Protecting confidential data from leaking is a critical challenge in computer systems, particularly given the growing number of observers on the internet. Therefore, limiting information flow using robust security policies becomes…

It is common to prove by reasoning over source code that programs do not leak sensitive data. But doing so leaves a gap between reasoning and reality that can only be filled by accounting for the behaviour of the compiler. This task is…

Logic in Computer Science · Computer Science 2020-10-23 Robert Sison , Toby Murray

An information owner, possessing diverse data sources, might want to offer information services based on these sources to cooperation partners and to this end interact with these partners by receiving and sending messages, which the owner…

Cryptography and Security · Computer Science 2017-07-27 Joachim Biskup , Cornelia Tadros , Jaouad Zarouali

Non-interference is a semantic program property that assigns confidentiality levels to data objects and prevents illicit information flows from occurring from high to low security levels. In this paper, we present a novel security model for…

Cryptography and Security · Computer Science 2010-06-23 Mauricio Alba-Castro , María Alpuente , Santiago Escobar
‹ Prev 1 2 3 10 Next ›