English
Related papers

Related papers: Compositional security definitions for higher-orde…

200 papers

The disastrous vulnerabilities in smart contracts sharply remind us of our ignorance: we do not know how to write code that is secure in composition with malicious code. Information flow control has long been proposed as a way to achieve…

Cryptography and Security · Computer Science 2023-07-21 Ethan Cecchetti , Siqiu Yao , Haobin Ni , Andrew C. Myers

In quantitative information flow we say that program $Q$ is "at least as secure as" $P$ just when the amount of secret information flowing from $Q$ is never more than flows from $P$, with of course a suitable quantification of "flow". This…

Cryptography and Security · Computer Science 2016-04-19 N. Bordenabe , A. McIver , C Morgan , T. Rabehaja

Language-based information flow security aims to decide whether an action-observable program can unintentionally leak confidential information if it has the authority to access confidential data. Recent concerns about declassification…

Cryptography and Security · Computer Science 2016-11-18 Cong Sun , Liyong Tang , Zhong Chen

We present a deductive approach for the analysis of secure information flows with support for fine-grained policies that include declassifications in the form of delimited information release. By explicitly tracking the dependencies of…

Logic in Computer Science · Computer Science 2015-09-15 Bart van Delft , Richard Bubel

Noninterference is a popular semantic security condition because it offers strong end-to-end guarantees, it is inherently compositional, and it can be enforced using a simple security type system. Unfortunately, it is too restrictive for…

Cryptography and Security · Computer Science 2021-01-14 Ethan Cecchetti , Andrew C. Myers , Owen Arden

In automated complexity analysis, noninterference-based type systems statically guarantee, via soundness, the property that well-typed programs compute functions of a given complexity class, e.g., the class FP of functions computable in…

Logic in Computer Science · Computer Science 2024-01-29 Emmanuel Hainry , Bruce M. Kapron , Jean-Yves Marion , Romain Péchoux

In this paper, we investigate a class of information-flow security properties called opacity in partial-observed discrete-event systems. Roughly speaking, a system is said to be opaque if the intruder, which is modeled by a passive…

Systems and Control · Electrical Eng. & Systems 2022-04-01 Bohan Cui , Xiang Yin , Shaoyuan Li , Alessandro Giua

We give a sequential model for noninterference security including probability (but not demonic choice), thus supporting reasoning about the likelihood that high-security values might be revealed by observations of low-security activity. Our…

Formal Languages and Automata Theory · Computer Science 2010-07-08 Annabelle McIver , Larissa Meinicke , Carroll Morgan

Traditional security mechanisms isolate resources from users who should not access them. We reflect the compositional nature of such security mechanisms back into the structure of LLMs to build a provably secure LLM; that we term SecureLLM.…

Computation and Language · Computer Science 2024-06-14 Abdulrahman Alabdulkareem , Christian M Arnold , Yerim Lee , Pieter M Feenstra , Boris Katz , Andrei Barbu

In traditional software programs, it is easy to trace program logic from variables back to input, apply assertion statements to block erroneous behavior, and compose programs together. Although deep learning programs have demonstrated…

Machine Learning · Computer Science 2021-10-27 Mike Wu , Noah Goodman , Stefano Ermon

Sequential querying of differentially private mechanisms degrades the overall privacy level. In this paper, we answer the fundamental question of characterizing the level of overall privacy degradation as a function of the number of queries…

Data Structures and Algorithms · Computer Science 2015-12-08 Peter Kairouz , Sewoong Oh , Pramod Viswanath

Methods for proving that concurrent software does not leak its secrets has remained an active topic of research for at least the past four decades. Despite an impressive array of work, the present situation remains highly unsatisfactory.…

Logic in Computer Science · Computer Science 2020-01-31 Daniel Schoepe , Toby Murray , Andrei Sabelfeld

Every Model of High-Level Computation (MHC) has an underlying composition mechanism for combining simple computing devices into more complex ones. Composition can be done by (explicitly or implicitly) defining control flow, data flow or any…

Logic in Computer Science · Computer Science 2026-05-22 Damian Arellanes

A memory consistency model specifies the allowed behaviors of shared memory concurrent programs. At the language level, these models are known to have a non-trivial impact on the safety of program optimizations, limiting the ability to…

Programming Languages · Computer Science 2025-03-11 Akshay Gopalakrishnan , Clark Verbrugge , Mark Batty

Memory-safety issues and information leakage are known to be depressingly common. We consider the compositional static detection of these kinds of vulnerabilities in first-order C-like programs. Indeed the latter are relational hyper-safety…

Programming Languages · Computer Science 2023-08-22 Toby Murray , Pengbo Yan , Gidon Ernst

Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced…

Programming Languages · Computer Science 2015-07-01 Aslan Askarov , Andrew Myers

A semantic framework for analyzing safe composition of distributed programs is presented. Its applicability is illustrated by a study of program composition when communication is reliable but not necessarily FIFO\@. In this model, special…

Distributed, Parallel, and Cluster Computing · Computer Science 2009-09-29 Kai Engelhardt , Yoram Moses

Practitioners of secure information flow often face a design challenge: what is the right semantic treatment of leaks via termination? On the one hand, the potential harm of untrusted code calls for strong progress-sensitive security. On…

Programming Languages · Computer Science 2020-05-12 Johan Bay , Aslan Askarov

It is common to prove by reasoning over source code that programs do not leak sensitive data. But doing so leaves a gap between reasoning and reality that can only be filled by accounting for the behaviour of the compiler. This task is…

Logic in Computer Science · Computer Science 2020-10-23 Robert Sison , Toby Murray

Rewriting logic is naturally concurrent: several subterms of the state term can be rewritten simultaneously. But state terms are global, which makes compositionality difficult to achieve. Compositionality here means being able to decompose…

Logic in Computer Science · Computer Science 2020-01-31 Óscar Martín , Alberto Verdejo , Narciso Martí-Oliet
‹ Prev 1 2 3 10 Next ›