English
Related papers

Related papers: Nonmalleable Information Flow: Technical Report

200 papers

This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an…

Programming Languages · Computer Science 2017-06-22 Peixuan Li , Danfeng Zhang

The paper studies dynamic information flow security policies in an automaton-based model. Two semantic interpretations of such policies are developed, both of which generalize the notion of TA-security [van der Meyden ESORICS 2007] for…

Cryptography and Security · Computer Science 2016-01-21 Sebastian Eggert , Ron van der Meyden

Graded type systems, such as the one underlying the Granule programming language, allow various different properties of a program's behaviour to be tracked via annotating types with additional information, which we call grades. One example…

Programming Languages · Computer Science 2024-10-23 Danielle Marshall , Dominic Orchard

We propose a new sheaf semantics for secure information flow over a space of abstract behaviors, based on synthetic domain theory: security classes are open/closed partitions, types are sheaves, and redaction of sensitive information…

Programming Languages · Computer Science 2022-04-21 Jonathan Sterling , Robert Harper

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

Programming Languages · Computer Science 2019-01-09 Ana Almeida Matos , Jan Cederquist

Synchronous reactive data flow is a paradigm that provides a high-level abstract programming model for embedded and cyber-physical systems, including the locally synchronous components of IoT systems. Security in such systems is severely…

Programming Languages · Computer Science 2022-01-04 Sanjiva Prasad , R. Madhukar Yerraguntla , Subodh Sharma

Languages with gradual information-flow control combine static and dynamic techniques to prevent security leaks. Gradual languages should satisfy the gradual guarantee: programs that only differ in the precision of their type annotations…

Programming Languages · Computer Science 2024-04-10 Tianyu Chen , Jeremy G. Siek

Vulnerability of Frontier language models to misuse and jailbreaks has prompted the development of safety measures like filters and alignment training in an effort to ensure safety through robustness to adversarially crafted prompts. We…

Cryptography and Security · Computer Science 2024-10-31 David Glukhov , Ziwen Han , Ilia Shumailov , Vardan Papyan , Nicolas Papernot

Explainable systems expose information about why certain observed effects are happening to the agents interacting with them. We argue that this constitutes a positive flow of information that needs to be specified, verified, and balanced…

Logic in Computer Science · Computer Science 2025-09-24 Bernd Finkbeiner , Hadar Frenkel , Julian Siber

Proving only over source code that programs do not leak sensitive data leaves a gap between reasoning and reality that can only be filled by accounting for the behaviour of the compiler. Furthermore, software does not always have the luxury…

Programming Languages · Computer Science 2023-06-22 Robert Sison , Toby Murray

Information Flow Control (IFC) is a collection of techniques for ensuring a no-write-down no-read-up style security policy known as noninterference. Traditional methods for both static and dynamic IFC suffer from untenable numbers of false…

Cryptography and Security · Computer Science 2020-05-27 Maximilian Algehed , Cormac Flanagan

The enormous amount of code required to design modern hardware implementations often leads to critical vulnerabilities being overlooked. Especially vulnerabilities that compromise the confidentiality of sensitive data, such as cryptographic…

Cryptography and Security · Computer Science 2021-12-23 Lennart M. Reimann , Luca Hanel , Dominik Sisejkovic , Farhad Merchant , Rainer Leupers

We propose an approach on model checking information flow for imperative language with procedures. We characterize our model with pushdown system, which has a stack of unbounded length that naturally models the execution of procedural…

Cryptography and Security · Computer Science 2010-12-15 Cong Sun , Liyong Tang , Zhong Chen

A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between…

Cryptography and Security · Computer Science 2013-10-15 Jean Quilbeuf , Georgeta Igna , Denis Bytschkow , Harald Ruess

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself,…

Cryptography and Security · Computer Science 2016-08-09 Wojciech Jamroga , Masoud Tabatabaei

We introduce a framework for reasoning about the security of computer systems using modal logic. This framework is sufficiently expressive to capture a variety of known security properties, while also being intuitive and independent of…

Cryptography and Security · Computer Science 2023-09-19 Matvey Soloviev , Musard Balliu , Roberto Guanciale

Implicit authentication consists of a server authenticating a user based on the user's usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication…

Cryptography and Security · Computer Science 2015-03-03 Josep Domingo-Ferrer , Qianhong Wu , Alberto Blanco-Justicia

Elaborate protocols in Secure Multi-party Computation enable several participants to compute a public function of their own private inputs while ensuring that no undesired information leaks about the private inputs, and without resorting to…

Cryptography and Security · Computer Science 2019-01-04 Patrick Ah-Fat , Michael Huth

Static information flow control (IFC) systems provide the ability to restrict data flows within a program, enabling vulnerable functionality or confidential data to be statically isolated from unsecured data or program logic. Despite the…

Programming Languages · Computer Science 2022-10-25 Hemant Gouni , Jonathan Aldrich

This article describes the *Confluence Framework*, a novel framework for proving and disproving confluence using a divide-and-conquer modular strategy, and its implementation in CONFident. Using this approach, we are able to automatically…

Logic in Computer Science · Computer Science 2026-04-08 Raúl Gutiérrez , Salvador Lucas , Miguel Vítores