English
Related papers

Related papers: A Permission-Dependent Type System for Secure Info…

200 papers

A common security architecture, called the permission-based security model (used e.g. in Android and Blackberry), entails intrinsic risks. For instance, applications can be granted more permissions than they actually need, what we call a…

Cryptography and Security · Computer Science 2013-03-21 Alexandre Bartel , Jacques Klein , Martin Monperrus , Yves Le Traon

Information flow type systems enforce the security property of noninterference by detecting unauthorized data flows at compile-time. However, they require precise type annotations, making them difficult to use in practice as much of the…

Programming Languages · Computer Science 2021-02-10 Abhishek Bichhawat , McKenna McCall , Limin Jia

Android is a widely deployed operating system that employs a permission-based access control model. The Android Permissions System (APS) is responsible for mediating resource requests from applications. APS is a critical component of the…

Cryptography and Security · Computer Science 2022-03-21 Amirhosein Sayyadabdi

With the expansion of the market share occupied by the Android platform, security issues (especially application security) have become attention focus of researchers. In fact, the existing methods lack the capabilities to manage application…

Cryptography and Security · Computer Science 2017-12-07 Yang Luo , Qixun Zhang , Qingni Shen , Hongzhi Liu , Zhonghai Wu

Data protection laws such as GDPR aim to give users unprecedented control over their personal data. Compliance with these regulations requires systematically considering information flow and interactions among entities handling sensitive…

Programming Languages · Computer Science 2025-08-07 Chinmayi Prabhu Baramashetru , Paola Giannini , Silvia Lizeth Tapia Tarifa , Olaf Owe

As data privacy continues to be a crucial human-right concern as recognized by the UN, regulatory agencies have demanded developers obtain user permission before accessing user-sensitive data. Mainly through the use of privacy policies…

Computers and Society · Computer Science 2022-02-16 Md Rashedur Rahman , Elizabeth Miller , Moinul Hossain , Aisha Ali-Gombe

This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an…

Programming Languages · Computer Science 2017-06-22 Peixuan Li , Danfeng Zhang

The recent evolution on the smart phone technology has made its application market huge and less secure. Every single day large number of apps introduced in the android market (mostly on google play store) without any particular inspections…

Cryptography and Security · Computer Science 2016-07-18 Chalise Birendra

Android is a widely used operating system that employs a permission-based access control model. The Android Permissions System (APS) is responsible for mediating application resource requests. APS is a critical component of the Android…

Cryptography and Security · Computer Science 2022-08-24 Amirhosein Sayyadabdi , Behrouz Tork Ladani , Bahman Zamani

Protecting confidential data from leaking is a critical challenge in computer systems, particularly given the growing number of observers on the internet. Therefore, limiting information flow using robust security policies becomes…

Security policies are naturally dynamic. Reflecting this, there has been a growing interest in studying information-flow properties which change during program execution, including concepts such as declassification, revocation, and…

Cryptography and Security · Computer Science 2015-01-13 Bart van Delft , Sebastian Hunt , David Sands

We propose a novel type system for verifying that programs correctly implement constant-resource behavior. Our type system extends recent work on automatic amortized resource analysis (AARA), a set of techniques that automatically derive…

Programming Languages · Computer Science 2018-01-09 Van Chan Ngo , Mario Dehesa-Azuara , Matthew Fredrikson , Jan Hoffmann

A common security architecture is based on the protection of certain resources by permission checks (used e.g., in Android and Blackberry). It has some limitations, for instance, when applications are granted more permissions than they…

Software Engineering · Computer Science 2023-05-05 Alexandre Bartel , Jacques Klein , Martin Monperrus , Yves Le Traon

Synchronous reactive data flow is a paradigm that provides a high-level abstract programming model for embedded and cyber-physical systems, including the locally synchronous components of IoT systems. Security in such systems is severely…

Programming Languages · Computer Science 2022-01-04 Sanjiva Prasad , R. Madhukar Yerraguntla , Subodh Sharma

Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. Application security policies limit the permissions of each installed application. As applications may…

Cryptography and Security · Computer Science 2012-05-01 Steffen Bartsch , Karsten Sohr , Michaela Bunke , Oliver Hofrichter , Bernhard Berger

Like many desktop operating systems in the 1990s, Android is now in the process of including support for multi-user scenarios. Because these scenarios introduce new threats to the system, we should have an understanding of how well the…

Cryptography and Security · Computer Science 2014-10-29 Paul Ratazzi , Yousra Aafer , Amit Ahlawat , Hao Hao , Yifei Wang , Wenliang Du

We propose a type-based analysis to infer the session protocols of channels in an ML-like concurrent functional language. Combining and extending well-known techniques, we develop a type-checking system that separates the underlying ML type…

Programming Languages · Computer Science 2016-04-14 Carlo Spaccasassi , Vasileios Koutavas

Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced…

Programming Languages · Computer Science 2015-07-01 Aslan Askarov , Andrew Myers

The existence of native code in Android apps plays an important role in triggering inconspicuous propagation of secrets and circumventing malware detection. However, the state-of-the-art information-flow analysis tools for Android apps all…

Cryptography and Security · Computer Science 2022-03-01 Cong Sun , Yuwan Ma , Dongrui Zeng , Gang Tan , Siqi Ma , Yafei Wu

In recent years, there has been rapid growth in mobile devices such as smartphones, and a number of applications are developed specifically for the smartphone market. In particular, there are many applications that are ``free'' to the user,…

Cryptography and Security · Computer Science 2013-05-20 Hiroki Kuzuno , Satoshi Tonami
‹ Prev 1 2 3 10 Next ›