English
Related papers

Related papers: Output-sensitive Information flow analysis

200 papers

An oblivious computation is one that is free of direct and indirect information leaks, e.g., due to observable differences in timing and memory access patterns. This paper presents Lambda Obliv, a core language whose type system enforces…

Programming Languages · Computer Science 2019-11-14 David Darais , Ian Sweet , Chang Liu , Michael Hicks

Synchronous reactive data flow is a paradigm that provides a high-level abstract programming model for embedded and cyber-physical systems, including the locally synchronous components of IoT systems. Security in such systems is severely…

Programming Languages · Computer Science 2022-01-04 Sanjiva Prasad , R. Madhukar Yerraguntla , Subodh Sharma

We propose a constraint-based flow-sensitive static analysis for concurrent programs by iteratively composing thread-modular abstract interpreters via the use of a system of lightweight constraints. Our method is compositional in that it…

Programming Languages · Computer Science 2017-10-02 Markus Kusano , Chao Wang

We propose a type system to analyze the time consumed by multi-threaded imperative programs with a shared global memory, which delineates a class of safe multi-threaded programs. We demonstrate that a safe multi-threaded program runs in…

Computational Complexity · Computer Science 2012-04-02 Jean-Yves Marion , Romain Péchoux

We present a deductive approach for the analysis of secure information flows with support for fine-grained policies that include declassifications in the form of delimited information release. By explicitly tracking the dependencies of…

Logic in Computer Science · Computer Science 2015-09-15 Bart van Delft , Richard Bubel

Information flow control type systems statically restrict the propagation of sensitive data to ensure end-to-end confidentiality. The property to be shown is noninterference, asserting that an attacker cannot infer any secrets from made…

Programming Languages · Computer Science 2021-04-30 Farzaneh Derakhshan , Stephanie Balzer , Limin Jia

Static information flow control (IFC) systems provide the ability to restrict data flows within a program, enabling vulnerable functionality or confidential data to be statically isolated from unsecured data or program logic. Despite the…

Programming Languages · Computer Science 2022-10-25 Hemant Gouni , Jonathan Aldrich

Information flow analysis checks whether certain pieces of (confidential) data may affect the results of computations in unwanted ways and thus leak information. Dynamic information flow analysis adds instrumentation code to the target…

Programming Languages · Computer Science 2016-07-11 Gergö Barany

Long Short-Term Memory (LSTM) is one of the most widely used recurrent structures in sequence modeling. It aims to use gates to control information flow (e.g., whether to skip some information or not) in the recurrent computations, although…

Machine Learning · Computer Science 2018-06-11 Zhuohan Li , Di He , Fei Tian , Wei Chen , Tao Qin , Liwei Wang , Tie-Yan Liu

Quantitative information flow analyses measure how much information on secrets is leaked by publicly observable outputs. One area of interest is to quantify and estimate the information leakage of composed systems. Prior work has focused on…

Cryptography and Security · Computer Science 2015-09-30 Yusuke Kawamoto , Thomas Given-Wilson

We introduce a privacy measure called pointwise maximal leakage, generalizing the pre-existing notion of maximal leakage, which quantifies the amount of information leaking about a secret $X$ by disclosing a single outcome of a (randomized)…

Information Theory · Computer Science 2023-08-16 Sara Saeidian , Giulia Cervia , Tobias J. Oechtering , Mikael Skoglund

We propose an approach on model checking information flow for imperative language with procedures. We characterize our model with pushdown system, which has a stack of unbounded length that naturally models the execution of procedural…

Cryptography and Security · Computer Science 2010-12-15 Cong Sun , Liyong Tang , Zhong Chen

The PQDSS standardization process requires cryptographic primitives to be free from vulnerabilities, including timing and cache side-channels. Resistance to timing leakage is therefore an essential property, and achieving this typically…

Quantitative information flow (QIF) is traditionally defined as the expected value of information leakage over all feasible program runs and it fails to identify vulnerable programs where only limited number of runs leak large amount of…

Cryptography and Security · Computer Science 2019-05-14 Bao Trung Chu , Kenji Hashimoto , Hiroyuki Seki

This paper discusses stability and robustness properties of a recently proposed observer algorithm for linear time varying systems. The observer is based on the approximation and subsequent modification of the non-negative Lyapunov…

Optimization and Control · Mathematics 2018-09-19 Markus Tranninger , Sergiy Zhuk , Martin Steinberger , Leonid Fridman , Martin Horn

Data minimisation is a privacy enhancing principle, stating that personal data collected should be no more than necessary for the specific purpose consented by the user. Checking that a program satisfies the data minimisation principle is…

Logic in Computer Science · Computer Science 2018-01-09 Srinivas Pinisetty , Thibaud Antignac , David Sands , Gerardo Schneider

Large Language Models (LLMs) are rapidly becoming commodity components of larger software systems. This poses natural security and privacy problems: poisoned data retrieved from one component can change the model's behavior and compromise…

We consider CCS with value passing and elaborate a notion of noninterference for the process calculi, which matches closely that of the programming language. The idea is to view channels as information carriers rather than as "events", so…

Logic in Computer Science · Computer Science 2011-09-23 Steffen van Bakel , Maria Grazia Vigliotti

It is common to prove by reasoning over source code that programs do not leak sensitive data. But doing so leaves a gap between reasoning and reality that can only be filled by accounting for the behaviour of the compiler. This task is…

Logic in Computer Science · Computer Science 2020-10-23 Robert Sison , Toby Murray

Non-interference is a program property that ensures the absence of information leaks. In the context of programming languages, there exist two common approaches for establishing non-interference: type systems and program logics. Type…

Logic in Computer Science · Computer Science 2020-03-09 Dan Frumin , Robbert Krebbers , Lars Birkedal