English
Related papers

Related papers: Tool-Supported Architecture-Based Data Flow Analys…

200 papers

Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. Application security policies limit the permissions of each installed application. As applications may…

Cryptography and Security · Computer Science 2012-05-01 Steffen Bartsch , Karsten Sohr , Michaela Bunke , Oliver Hofrichter , Bernhard Berger

Security and distributed infrastructure are two of the most common requirements for big data software. But the security features of the big data platforms are still premature. It is critical to identify, modify, test and execute some of the…

Cryptography and Security · Computer Science 2016-11-24 Santosh Aditham , Nagarajan Ranganathan

The thesis advances the field of software security by providing knowledge and automation support for software vulnerability assessment using data-driven approaches. Software vulnerability assessment provides important and multifaceted…

Software Engineering · Computer Science 2023-06-21 Triet H. M. Le

We present a deductive approach for the analysis of secure information flows with support for fine-grained policies that include declassifications in the form of delimited information release. By explicitly tracking the dependencies of…

Logic in Computer Science · Computer Science 2015-09-15 Bart van Delft , Richard Bubel

Pushed by market forces, software development has become fast-paced. As a consequence, modern development projects are assembled from 3rd-party components. Security & privacy assurance techniques once designed for large, controlled updates…

Software Engineering · Computer Science 2021-03-08 Ivan Pashchenko , Riccardo Scandariato , Antonino Sabetta , Fabio Massacci

We introduce a novel type system for enforcing secure information flow in an imperative language. Our work is motivated by the problem of statically checking potential information leakage in Android applications. To this end, we design a…

Programming Languages · Computer Science 2017-09-28 Hongxu Chen , Alwen Tiu , Zhiwu Xu , Yang Liu

Dynamic Information Flow Tracking (DIFT) is a technique to track potential security vulnerabilities in software and hardware systems at run time. The last fifteen years have seen a lot of research work on DIFT, including both hardware-based…

Cryptography and Security · Computer Science 2019-11-14 Ali Jahanshahi

Individuals lack oversight over systems that process their data. This can lead to discrimination and hidden biases that are hard to uncover. Recent data protection legislation tries to tackle these issues, but it is inadequate. It does not…

Software Engineering · Computer Science 2023-05-22 Valentin Zieglmeier , Alexander Pretschner

Security still remains an afterthought in modern Electronic Design Automation (EDA) tools, which solely focus on enhancing performance and reducing the chip size. Typically, the security analysis is conducted by hand, leading to…

Cryptography and Security · Computer Science 2022-12-01 Lennart M. Reimann , Sarp Erdönmez , Dominik Sisejkovic , Rainer Leupers

Software testing is the most commonly used technique in the industry to certify the correctness of software systems. This includes security properties like access control and data confidentiality. However, information flow control and the…

Software Engineering · Computer Science 2019-08-28 Eduardo Geraldo , João Costa Seco

Since decade understanding of programs has become a compulsory task for the students as well as for others who are involved in the process of developing software and providing solutions to open problems. In that aspect showing the problem…

Software Engineering · Computer Science 2017-08-25 Safeeullah Soomro , Zainab Alansari , Mohammad Riyaz Belgaum

Beyond self-report data, we lack reliable and non-intrusive methods for identifying flow. However, taking a step back and acknowledging that flow occurs during periods of focus gives us the opportunity to make progress towards measuring…

Human-Computer Interaction · Computer Science 2023-04-11 Adam Brown , Sarah D'Angelo , Ben Holtz , Ciera Jaspen , Collin Green

In this paper we describe a method for verifying secure information flow of programs, where apart from direct and indirect flows a secret information can be leaked through covert timing channels. That is, no two computations of a program…

Programming Languages · Computer Science 2013-07-18 Aleksandar S. Dimovski

Models of software systems are used throughout the software development lifecycle. Dataflow diagrams (DFDs), in particular, are well-established resources for security analysis. Many techniques, such as threat modelling, are based on DFDs…

Software Engineering · Computer Science 2024-01-10 Simon Schneider , Nicolás E. Díaz Ferreyra , Pierre-Jean Quéval , Georg Simhandl , Uwe Zdun , Riccardo Scandariato

Performance analysis is challenging as different components (e.g.,different libraries, and applications) of a complex system can interact with each other. However, few existing tools focus on understanding such interactions. To bridge this…

Performance · Computer Science 2024-10-24 Steven , Tang , Mingcan Xiang , Yang Wang , Bo Wu , Jianjun Chen , Tongping Liu

An interprocedural analysis is precise if it is flow sensitive and fully context-sensitive even in the presence of recursion. Many methods of interprocedural analysis sacrifice precision for scalability while some are precise but limited to…

Programming Languages · Computer Science 2013-07-30 Rohan Padhye , Uday P. Khedker

Information flow analysis has largely ignored the setting where the analyst has neither control over nor a complete model of the analyzed system. We formalize such limited information flow analyses and study an instance of it: detecting the…

Cryptography and Security · Computer Science 2014-05-13 Michael Carl Tschantz , Amit Datta , Anupam Datta , Jeannette M. Wing

The use of open-source software (OSS) is ever-increasing, and so is the number of open-source vulnerabilities being discovered and publicly disclosed. The gains obtained from the reuse of community-developed libraries may be offset by the…

Cryptography and Security · Computer Science 2025-03-18 Serena E. Ponta , Henrik Plate , Antonino Sabetta

Today's routing protocols critically rely on the assumption that the underlying hardware is trusted. Given the increasing number of attacks on network devices, and recent reports on hardware backdoors this assumption has become…

Networking and Internet Architecture · Computer Science 2017-05-02 Kashyap Thimmaraju , Liron Schiff , Stefan Schmid

Data protection laws such as GDPR aim to give users unprecedented control over their personal data. Compliance with these regulations requires systematically considering information flow and interactions among entities handling sensitive…

Programming Languages · Computer Science 2025-08-07 Chinmayi Prabhu Baramashetru , Paola Giannini , Silvia Lizeth Tapia Tarifa , Olaf Owe