English
Related papers

Related papers: Using Information Flow to estimate interference be…

200 papers

Many important security problems in JavaScript, such as browser extension security, untrusted JavaScript libraries and safe integration of mutually distrustful websites (mash-ups), may be effectively addressed using an efficient…

Programming Languages · Computer Science 2015-01-20 Stefan Heule , Deian Stefan , Edward Z. Yang , John C. Mitchell , Alejandro Russo

Protection of confidential data is an important security consideration of today's applications. Of particular concern is to guard against unintentional leakage to a (malicious) observer, who may interact with the program and draw inference…

Logic in Computer Science · Computer Science 2024-07-03 Bas van den Heuvel , Farzaneh Derakhshan , Stephanie Balzer

Version control system tools empower developers to independently work on their development tasks. These tools also facilitate the integration of changes through merging operations, and report textual conflicts. However, when developers…

Software Engineering · Computer Science 2023-10-16 Galileu Santos de Jesus , Paulo Borba , Rodrigo Bonifácio , Matheus Barbosa de Oliveira

Android apps cooperate through message passing via intents. However, when apps do not have identical sets of privileges inter-app communication (IAC) can accidentally or maliciously be misused, e.g., to leak sensitive information contrary…

Software Engineering · Computer Science 2023-05-09 Abhishek Tiwari , Sascha Groß , Christian Hammer

Websites today routinely combine JavaScript from multiple sources, both trusted and untrusted. Hence, JavaScript security is of paramount importance. A specific interesting problem is information flow control (IFC) for JavaScript. In this…

Cryptography and Security · Computer Science 2014-01-22 Abhishek Bichhawat , Vineet Rajani , Deepak Garg , Christian Hammer

In today's machine learning (ML) models, any part of the training data can affect the model output. This lack of control for information flow from training data to model output is a major obstacle in training models on sensitive data when…

Mobile and IoT applications have greatly enriched our daily life by providing convenient and intelligent services. However, these smart applications have been a prime target of adversaries for stealing sensitive data. It poses a crucial…

Cryptography and Security · Computer Science 2021-06-10 Ning Xi , Chao Chen , Jun Zhang , Cong Sun , Shigang Liu , Pengbin Feng , Jianfeng Ma

Static information flow control (IFC) systems provide the ability to restrict data flows within a program, enabling vulnerable functionality or confidential data to be statically isolated from unsecured data or program logic. Despite the…

Programming Languages · Computer Science 2022-10-25 Hemant Gouni , Jonathan Aldrich

An information owner, possessing diverse data sources, might want to offer information services based on these sources to cooperation partners and to this end interact with these partners by receiving and sending messages, which the owner…

Cryptography and Security · Computer Science 2017-07-27 Joachim Biskup , Cornelia Tadros , Jaouad Zarouali

This tutorial provides a complete and homogeneous account of the latest advances in fine- and coarse-grained dynamic information-flow control (IFC) security. Since the 70s, the programming language and the operating system communities have…

Programming Languages · Computer Science 2022-08-30 Marco Vassena , Alejandro Russo , Deepak Garg , Vineet Rajani , Deian Stefan

Information flow analysis checks whether certain pieces of (confidential) data may affect the results of computations in unwanted ways and thus leak information. Dynamic information flow analysis adds instrumentation code to the target…

Programming Languages · Computer Science 2016-07-11 Gergö Barany

Information flow analysis prevents secret or untrusted data from flowing into public or trusted sinks. Existing mechanisms cover a wide array of options, ranging from lightweight taint analysis to heavyweight information flow control that…

Cryptography and Security · Computer Science 2019-06-28 Cristian-Alexandru Staicu , Daniel Schoepe , Musard Balliu , Michael Pradel , Andrei Sabelfeld

In this thesis we consider the problem of information hiding in the scenarios of interactive systems, statistical disclosure control, and refinement of specifications. We apply quantitative approaches to information flow in the first two…

Cryptography and Security · Computer Science 2012-02-14 Mário S. Alvim

Detecting semantic interference remains a challenge in collaborative software development. Recent lightweight static analysis techniques improve efficiency over SDG-based methods, but they still suffer from a high rate of false positives. A…

Software Engineering · Computer Science 2025-10-03 Victor Lira , Paulo Borba , Rodrigo Bonifácio , Galileu Santos e Matheus barbosa

The cloud model's dependence on massive parallelism and resource sharing exacerbates the security challenge of timing side-channels. Timing Information Flow Control (TIFC) is a novel adaptation of IFC techniques that may offer a way to…

Cryptography and Security · Computer Science 2012-05-18 Bryan Ford

Information Flow Control (IFC) is a collection of techniques for ensuring a no-write-down no-read-up style security policy known as noninterference. Traditional methods for both static and dynamic IFC suffer from untenable numbers of false…

Cryptography and Security · Computer Science 2020-05-27 Maximilian Algehed , Cormac Flanagan

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

Programming Languages · Computer Science 2019-01-09 Ana Almeida Matos , Jan Cederquist

Noninterference guarantees that an attacker cannot infer secrets by interacting with a program. Information flow control (IFC) type systems assert noninterference by tracking the level of information learned (pc) and disallowing…

Programming Languages · Computer Science 2024-07-31 Farzaneh Derakhshan , Stephanie Balzer , Yue Yao

Information flow control (IFC) provides confidentiality by enforcing noninterference, which ensures that high-secrecy values cannot affect low-secrecy values. Prior work introduces fine-grained IFC approaches that modify the programming…

Programming Languages · Computer Science 2024-03-20 Ada Lamba , Max Taylor , Vincent Beardsley , Jacob Bambeck , Michael D. Bond , Zhiqiang Lin

Information flow analysis is a powerful technique for reasoning about the sensitive information exposed by a program during its execution. While past work has proposed information theoretic metrics (e.g., Shannon entropy, min-entropy,…

Cryptography and Security · Computer Science 2010-09-22 Ji Zhu , Mudhakar Srivatsa
‹ Prev 1 2 3 10 Next ›