English
Related papers

Related papers: LWeb: Information Flow Security for Multi-tier Web…

200 papers

Large Language Model-based systems (LLM systems) are information and query processing systems that use LLMs to plan operations from natural-language prompts and feed the output of each successive step into the LLM to plan the next. This…

Cryptography and Security · Computer Science 2024-10-11 Fangzhou Wu , Ethan Cecchetti , Chaowei Xiao

Security Enhanced Linux (SELinux) is a security architecture for Linux implementing mandatory access control. It has been used in numerous security-critical contexts ranging from servers to mobile devices. But this is challenging as SELinux…

Cryptography and Security · Computer Science 2022-06-01 Lorenzo Ceragioli , Letterio Galletta , Pierpaolo Degano , David Basin

Flow-sensitive analysis for information-flow control (IFC) allows data structures to have mutable security labels, i.e., labels that can change over the course of the computation. This feature is often used to boost the permissiveness of…

Cryptography and Security · Computer Science 2015-07-23 Pablo Buiras , Deian Stefan , Alejandro Russo

Link Traversal-based Query Processing (ltqp), in which a sparql query is evaluated over a web of documents rather than a single dataset, is often seen as a theoretically interesting yet impractical technique. However, in a time where the…

Databases · Computer Science 2023-03-28 Bart Bogaerts , Bas Ketsman , Younes Zeboudj , Heba Aamer , Ruben Taelman , Ruben Verborgh

Modern web applications serve large amounts of sensitive user data, access to which is typically governed by data-access policies. Enforcing such policies is crucial to preventing improper data access, and prior work has proposed many…

Databases · Computer Science 2022-06-02 Wen Zhang , Eric Sheng , Michael Chang , Aurojit Panda , Mooly Sagiv , Scott Shenker

Quantitative Information Flow (QIF) provides a robust information-theoretical framework for designing secure systems with minimal information leakage. While previous research has addressed the design of such systems under hard constraints…

Cryptography and Security · Computer Science 2024-11-18 Andreas Athanasiou , Konstantinos Chatzikokolakis , Catuscia Palamidessi

Communication topology is a critical factor in the utility and safety of LLM-based multi-agent systems (LLM-MAS), making it a high-value intellectual property (IP) whose confidentiality remains insufficiently studied. Existing topology…

Cryptography and Security · Computer Science 2026-03-20 Zixun Xiong , Gaoyi Wu , Lingfeng Yao , Miao Pan , Xiaojiang Du , Hao Wang

As modern hardware designs grow in complexity and size, ensuring security across the confidentiality, integrity, and availability (CIA) triad becomes increasingly challenging. Information flow tracking (IFT) is a widely-used approach to…

Cryptography and Security · Computer Science 2025-04-10 Nowfel Mashnoor , Mohammad Akyash , Hadi Kamali , Kimia Azar

Websites today routinely combine JavaScript from multiple sources, both trusted and untrusted. Hence, JavaScript security is of paramount importance. A specific interesting problem is information flow control (IFC) for JavaScript. In this…

Cryptography and Security · Computer Science 2014-01-22 Abhishek Bichhawat , Vineet Rajani , Deepak Garg , Christian Hammer

Session management is a fundamental component of web applications: despite the apparent simplicity, correctly implementing web sessions is extremely tricky, as witnessed by the large number of existing attacks. This motivated the design of…

Cryptography and Security · Computer Science 2020-06-03 Stefano Calzavara , Riccardo Focardi , Niklas Grimm , Matteo Maffei , Mauro Tempesta

The rapidly expanding number of Internet of Things (IoT) devices is generating huge quantities of data, but the data privacy and security exposure in IoT devices, especially in the automatic driving system. Federated learning (FL) is a…

Cryptography and Security · Computer Science 2022-09-15 Jiayin Li , Wenzhong Guo , Xingshuo Han , Jianping Cai , Ximeng Liu

The rise of serverless computing provides an opportunity to rethink cloud security. We present an approach for securing serverless systems using a novel form of dynamic information flow control (IFC). We show that in serverless…

Programming Languages · Computer Science 2018-02-27 Kalev Alpernas , Cormac Flanagan , Sadjad Fouladi , Leonid Ryzhyk , Mooly Sagiv , Thomas Schmitz , Keith Winstein

Social scientists are increasingly interested in analyzing the semantic information (e.g., emotion) of unstructured data (e.g., Tweets), where the semantic information is not natively present. Performing this analysis in a cost-efficient…

Databases · Computer Science 2025-01-08 Chuxuan Hu , Austin Peters , Daniel Kang

Language-based information flow control (IFC) tracks dependencies within a program using sensitivity labels and prohibits public outputs from depending on secret inputs. In particular, literature has proposed several type systems for…

Cryptography and Security · Computer Science 2020-11-18 Vineet Rajani , Deepak Garg

Querying tables with unstructured data is challenging due to the presence of text (or image), either embedded in the table or in external paragraphs, which traditional SQL struggles to process, especially for tasks requiring semantic…

Artificial Intelligence · Computer Science 2025-09-25 Rohit Khoja , Devanshu Gupta , Yanjie Fu , Dan Roth , Vivek Gupta

This position paper explores how to support the Web's evolution through an underlying data-centric approach that better matches the data-orientedness of modern and emerging applications. We revisit the original vision of the Web as a…

Networking and Internet Architecture · Computer Science 2024-07-23 Tianyuan Yu , Xinyu Ma , Varun Patil , Yekta Kocaogullar , Yulong Zhang , Jeff Burke , Dirk Kutscher , Lixia Zhang

Increasing complexity in software systems places a growing demand on reasoning tools that unlock vulnerabilities manifest in source code. Many current approaches focus on vulnerability analysis as a classifying task, oversimplifying the…

Artificial Intelligence · Computer Science 2025-09-23 Ala Jararweh , Michael Adams , Avinash Sahu , Abdullah Mueen , Afsah Anwar

Users' website browsing history contains sensitive information, like health conditions, political interests, financial situations, etc. Some recent studies have demonstrated the possibility of inferring website fingerprints based on…

Cryptography and Security · Computer Science 2021-10-05 Han Wang

WebShell attacks - where adversaries implant malicious scripts on web servers - remain a persistent threat. Prior machine-learning and deep-learning detectors typically depend on task-specific supervision and can be brittle under data…

Cryptography and Security · Computer Science 2026-02-13 Feijiang Han , Jiaming Zhang , Chuyi Deng , Jianheng Tang , Yunhuai Liu

The Model Context Protocol (MCP) is the standard interface between large language model (LLM) agents and external tools. At organizational scale, however, it exposes two structural problems. First, every API integration is shipped as a…

Software Engineering · Computer Science 2026-05-08 Axel Dunkel