English
Related papers

Related papers: Information-flow Interfaces and Security Lattices

200 papers

Static information flow control (IFC) systems provide the ability to restrict data flows within a program, enabling vulnerable functionality or confidential data to be statically isolated from unsecured data or program logic. Despite the…

Programming Languages · Computer Science 2022-10-25 Hemant Gouni , Jonathan Aldrich

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself,…

Cryptography and Security · Computer Science 2016-08-09 Wojciech Jamroga , Masoud Tabatabaei

Security Enhanced Linux (SELinux) is a security architecture for Linux implementing mandatory access control. It has been used in numerous security-critical contexts ranging from servers to mobile devices. But this is challenging as SELinux…

Cryptography and Security · Computer Science 2022-06-01 Lorenzo Ceragioli , Letterio Galletta , Pierpaolo Degano , David Basin

A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between…

Cryptography and Security · Computer Science 2013-10-15 Jean Quilbeuf , Georgeta Igna , Denis Bytschkow , Harald Ruess

The logic of information flows (LIF) is a general framework in which tasks of a procedural nature can be modeled in a declarative, logic-based fashion. The first contribution of this paper is to propose semantic and syntactic definitions of…

Logic in Computer Science · Computer Science 2022-09-15 Heba Aamer , Bart Bogaerts , Dimitri Surinx , Eugenia Ternovska , Jan Van den Bussche

Contract-based design is a promising methodology for taming the complexity of developing sophisticated systems. A formal contract distinguishes between assumptions, which are constraints that the designer of a component puts on the…

Formal Languages and Automata Theory · Computer Science 2020-05-11 Ezio Bartocci , Thomas Ferrère , Thomas A. Henzinger , Dejan Nickovic , Ana Oliveira da Costa

Information flow policies are often dynamic; the security concerns of a program will typically change during execution to reflect security-relevant events. A key challenge is how to best specify, and give proper meaning to, such dynamic…

Cryptography and Security · Computer Science 2015-09-24 Niklas Broberg , Bart van Delft , David Sands

We develop a theoretical framework for defining and identifying flows of information in computational systems. Here, a computational system is assumed to be a directed graph, with "clocked" nodes that send transmissions to each other along…

Information Theory · Computer Science 2023-07-21 Praveen Venkatesh , Sanghamitra Dutta , Pulkit Grover

Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction,…

Cryptography and Security · Computer Science 2022-12-08 Ivan Kovačević , Bruno Štengl , Stjepan Groš

Designing secure information infrastructure is a function of design and usability. However, security is seldom given priority when systems are being developed. Secure design practices should balance between functionality (i.e., proper…

Cryptography and Security · Computer Science 2024-03-21 Niroop Sugunaraj

Some theories on data flow security are based on order-theoretical concepts, most commonly on lattice concepts. This paper presents a correspondence between security concepts and partial order concepts, by which the former become an…

Cryptography and Security · Computer Science 2024-03-13 Luigi Logrippo

Knowledge flow analysis offers a simple and flexible way to find flaws in security protocols. A protocol is described by a collection of rules constraining the propagation of knowledge amongst principals. Because this characterization…

Cryptography and Security · Computer Science 2007-05-23 Emina Torlak , Marten van Dijk , Blaise Gassend , Daniel Jackson , Srinivas Devadas

Security graphs model attacks, defenses, mitigations, and vulnerabilities on computer networks and systems. With proper attributes, they provide security metrics using standard graph algorithms. A hyperflow graph is a register-transfer…

Cryptography and Security · Computer Science 2023-04-18 Andres Meza , Ryan Kastner

This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an…

Programming Languages · Computer Science 2017-06-22 Peixuan Li , Danfeng Zhang

Protection of confidential data is an important security consideration of today's applications. Of particular concern is to guard against unintentional leakage to a (malicious) observer, who may interact with the program and draw inference…

Logic in Computer Science · Computer Science 2024-07-03 Bas van den Heuvel , Farzaneh Derakhshan , Stephanie Balzer

We introduce a framework for reasoning about the security of computer systems using modal logic. This framework is sufficiently expressive to capture a variety of known security properties, while also being intuitive and independent of…

Cryptography and Security · Computer Science 2023-09-19 Matvey Soloviev , Musard Balliu , Roberto Guanciale

The paper studies dynamic information flow security policies in an automaton-based model. Two semantic interpretations of such policies are developed, both of which generalize the notion of TA-security [van der Meyden ESORICS 2007] for…

Cryptography and Security · Computer Science 2016-01-21 Sebastian Eggert , Ron van der Meyden

Interface specifications play an important role in component-based software development. An interface theory is a formal framework supporting composition, refinement and compatibility of interface specifications. We present different…

Software Engineering · Computer Science 2011-01-26 Sebastian S. Bauer , Rolf Hennicker , Stephan Janisch

In workflows and business processes, there are often security requirements on both the data, i.e. confidentiality and integrity, and the process, e.g. separation of duty. Graphical notations exist for specifying both workflows and…

Cryptography and Security · Computer Science 2014-04-09 Thomas Bauereiss , Dieter Hutter

We introduce knowledge flow analysis, a simple and flexible formalism for checking cryptographic protocols. Knowledge flows provide a uniform language for expressing the actions of principals, assump- tions about intruders, and the…

Cryptography and Security · Computer Science 2007-05-23 Marten van Dijk , Emina Torlak , Blaise Gassend , Srinivas Devadas
‹ Prev 1 2 3 10 Next ›