ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
JFlow: practical mostly-static information flow control
Full text PdfPdf (1.91 MB)
Source Annual Symposium on Principles of Programming Languages archive
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages table of contents
San Antonio, Texas, United States
Pages: 228 - 241  
Year of Publication: 1999
ISBN:1-58113-095-3
Author
Andrew C. Myers  Laboratory for Computer Science, Massachusetts Institute of Technology
Sponsors
SIGPLAN: ACM Special Interest Group on Programming Languages
SIGACT: ACM Special Interest Group on Algorithms and Computation Theory
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 23,   Downloads (12 Months): 147,   Citation Count: 119
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/292540.292561
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
Aba97
Martín Abadi, Secrecy by Typing inSecurity Protocols, Proceedings of the Third International Symposium on Theoretical Aspects of Computer Software, p.611-638, September 23-26, 1997
ACPP91
Martín Abadi , Luca Cardelli , Benjamin Pierce , Gordon Plotkin, Dynamic typing in a statically typed language, ACM Transactions on Programming Languages and Systems (TOPLAS), v.13 n.2, p.237-268, April 1991  [doi>10.1145/103135.103138]
AR80
Gregory R. Andrews , Richard P. Reitman, An Axiomatic Approach to Information Flow in Programs, ACM Transactions on Programming Languages and Systems (TOPLAS), v.2 n.1, p.56-76, Jan. 1980  [doi>10.1145/357084.357088]
 
BL75
D.E. Bell and L. J. LaPadula. Secure computer system: Unified exposition and Multics interpretation. Technical Report ESD-TR-75-306, MITRE Corp. MTR-2997, Bedford, MA, 1975. Available as NTIS AD-A023 588.
 
Car91
Luca Cardelli. Typeful programming. In E. J. Neuhold and M. Paul, editors, Formal Description of Programming Concepts. Springer-Verlag, 1991. An earlier version appeared as DEC Systems Research Center Research Report #45, February 1989.
DD77
Dorothy E. Denning , Peter J. Denning, Certification of programs for secure information flow, Communications of the ACM, v.20 n.7, p.504-513, July 1977  [doi>10.1145/359636.359712]
Den76
Dorothy E. Denning, A lattice model of secure information flow, Communications of the ACM, v.19 n.5, p.236-243, May 1976  [doi>10.1145/360051.360056]
 
Den82
Dorothy Elizabeth Rob Denning, Cryptography and Data Security, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1982
 
GJS96
James Gosling , Bill Joy , Guy L. Steele, The Java Language Specification, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1996
 
HDT87
Susan Horwitz , Alan Demers , Tim Teitebaum, An efficient general iterative algorithm for dataflow analysis, Acta Informatica, v.24 n.6, p.679-694, November 1, 1987
HR98
Nevin Heintze , Jon G. Riecke, The SLam calculus: programming with secrecy and integrity, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.365-377, January 19-21, 1998, San Diego, California, United States  [doi>10.1145/268946.268976]
JL78
Anita K. Jones , Barbara H. Liskov, A language extension for expressing constraints on data access, Communications of the ACM, v.21 n.5, p.358-367, May 1978  [doi>10.1145/359488.359493]
 
KW94
Atsushi Kanamori and Daniel Weise. Worklist management strategies for dataflow analysis. Technical Report MSR-TR-94-12, Microsoft Research, May 1994.
Lam73
Butler W. Lampson, A note on the confinement problem, Communications of the ACM, v.16 n.10, p.613-615, Oct. 1973  [doi>10.1145/362375.362389]
 
LMM98
Barbara Liskov, Nicholas Mathewson, and Andrew C. Myers. PolyJ: Parameterized types for Java. Software release. Located at http://www.pmg.lcs.mit.edu/polyj, July 1998.
MBL97
Joseph A. Bank , Andrew C. Myers , Barbara Liskov, Parameterized types for Java, Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.132-145, January 15-17, 1997, Paris, France  [doi>10.1145/263699.263714]
ML97
Andrew C. Myers , Barbara Liskov, A decentralized model for information flow control, Proceedings of the sixteenth ACM symposium on Operating systems principles, p.129-142, October 05-08, 1997, Saint Malo, France
 
ML98
Andrew C. Myers and Barbara Liskov. Complete, safe information flow with decentralized labels. In Proc. IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 1998.
 
MMN90
Catherine J. McCollum, Judith R. Messing, and LouAnna Notargiacomo. Beyond the pale of MAC and DAC -- defining new forms of access control. In Proc. IEEE Symposium on Security and Privacy, pages 190- 200, 1990.
 
Mye99
Andrew C. Myers , Barbara Liskov, Mostly-static decentralized information flow control, 1999
 
PO95
Jens Palsberg , Peter Ørbæk, Trust in the lambda-Calculus, Proceedings of the Second International Symposium on Static Analysis, p.314-329, September 25-27, 1995
 
RM96
Jakob Rehof , Torben Æ. Mogensen, Tractable Constraints in Finite Semilattices, Proceedings of the Third International Symposium on Static Analysis, p.285-300, September 24-26, 1996
RSC92
Joel Richardson , Peter Schwarz , Luis-Felipe Cabrera, CACL: efficient fine-grained protection for objects, conference proceedings on Object-oriented programming systems, languages, and applications, p.263-275, October 18-22, 1992, Vancouver, British Columbia, Canada
 
Sto81
Allen Stoughton. Access flow: A protection model which integrates access control and information flow. In IEEE Symposium on Security and Privacy, pages 9-I 8. IEEE Computer Society Press, 1981.
SV98
Geoffrey Smith , Dennis Volpano, Secure information flow in a multi-threaded imperative language, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.355-364, January 19-21, 1998, San Diego, California, United States  [doi>10.1145/268946.268975]
Vol97
Dennis Volpano, Provably-secure programming languages for remote evaluation, ACM SIGPLAN Notices, v.32 n.1, p.117-119, Jan. 1997  [doi>10.1145/251595.254091]
 
VSI96
Dennis Volpano , Cynthia Irvine , Geoffrey Smith, A sound type system for secure flow analysis, Journal of Computer Security, v.4 n.2-3, p.167-187, Jan. 1996

CITED BY  119
Dan S. Wallach , Andrew W. Appel , Edward W. Felten, SAFKASI: a security mechanism for language-based systems, ACM Transactions on Software Engineering and Methodology (TOSEM), v.9 n.4, p.341-378, Oct. 2000
Dan Grossman , Greg Morrisett , Steve Zdancewic, Syntactic type abstraction, ACM Transactions on Programming Languages and Systems (TOPLAS), v.22 n.6, p.1037-1080, Nov. 2000
Steve Zdancewic , Lantian Zheng , Nathaniel Nystrom , Andrew C. Myers, Untrusted hosts and confidentiality: secure program partitioning, ACM SIGOPS Operating Systems Review, v.35 n.5, Dec. 2001
Stephen Chong , Andrew C. Myers, Security policies for downgrading, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
Jan Vitek , Boris Bokowski, Confined types, ACM SIGPLAN Notices, v.34 n.10, p.82-96, Oct. 1999
Dennis Volpano , Geoffrey Smith, Verifying secrets and relative secrecy, Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.268-276, January 19-21, 2000, Boston, MA, USA
Ciarán Bryce , Chrislain Razafimahefa, An approach to safe object sharing, ACM SIGPLAN Notices, v.35 n.10, p.367-381, Oct. 2000
Vijayalakshmi Atluri , Soon Ae Chun , Pietro Mazzoleni, A Chinese wall security model for decentralized workflow systems, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA
John Viega , J. T. Bloch , Tadayoshi Kohno , Gary McGraw, Token-based scanning of source code for security problems, ACM Transactions on Information and System Security (TISSEC), v.5 n.3, p.238-261, August 2002
Naoya Nitta , Yoshiaki Takata , Hiroyuki Seki, An efficient security verification method for programs with stack inspection, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA
P. Bieber , J. Cazin , P. Girard , J.-L. Lanet , V. Wiels , G. Zanon, Checking secure interactions of smart card applets: extended version, Journal of Computer Security, v.10 n.4, p.369-398, December 2002
Martín Abadi , Bruno Blanchet, Analyzing security protocols with secrecy types and logic programs, ACM SIGPLAN Notices, v.37 n.1, p.33-44, Jan. 2002
François Pottier , Vincent Simonet, Information flow inference for ML, ACM SIGPLAN Notices, v.37 n.1, p.319-330, Jan. 2002
Steve Zdancewic , Lantian Zheng , Nathaniel Nystrom , Andrew C. Myers, Secure program partitioning, ACM Transactions on Computer Systems (TOCS), v.20 n.3, p.283-328, August 2002
Gérard Boudol , Ilaria Castellani, Noninterference for concurrent programs and thread systems, Theoretical Computer Science, v.281 n.1-2, p.109-130, June 3 2002
Martín Abadi , Anindya Banerjee , Nevin Heintze , Jon G. Riecke, A core calculus of dependency, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.147-160, January 20-22, 1999, San Antonio, Texas, United States
Kevin W. Hamlen , Greg Morrisett , Fred B. Schneider, Computability classes for enforcement mechanisms, ACM Transactions on Programming Languages and Systems (TOPLAS), v.28 n.1, p.175-205, January 2006
Ian Welch , Robert J. Stroud, Using reflection as a mechanism for enforcing security policies on compiled code, Journal of Computer Security, v.10 n.4, p.399-432, December 2002
G. Edward Suh , Dwaine Clarke , Blaise Gassend , Marten van Dijk , Srinivas Devadas, AEGIS: architecture for tamper-evident and tamper-resistant processing, Proceedings of the 17th annual international conference on Supercomputing, June 23-26, 2003, San Francisco, CA, USA
Cédric Fournet , Andrew D. Gordon, Stack inspection: theory and variants, ACM SIGPLAN Notices, v.37 n.1, p.307-318, Jan. 2002
Steve Zdancewic , Dan Grossman , Greg Morrisett, Principals in programming languages: a syntactic proof technique, ACM SIGPLAN Notices, v.34 n.9, p.197-207, Sept. 1999
Gary McGraw , Greg Morrisett, Attacking Malicious Code: A Report to the Infosec Research Council, IEEE Software, v.17 n.5, p.33-41, September 2000
Paul T. Darga , Chandrasekhar Boyapati, Efficient software model checking of data structure properties, ACM SIGPLAN Notices, v.41 n.10, October 2006
Shih-Chien Chou, Embedding role-based access control model in object-oriented systems to protect privacy, Journal of Systems and Software, v.71 n.1-2, p.143-161, April 2004
Nobuko Yoshida, Channel dependent types for higher-order mobile processes, ACM SIGPLAN Notices, v.39 n.1, p.147-160, January 2004
Shih-Chien Chou, Providing flexible access control to an information flow control model, Journal of Systems and Software, v.73 n.3, p.425-439, November-December 2004
Johan Agat, Transforming out timing leaks, Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.40-53, January 19-21, 2000, Boston, MA, USA
Andrew C. Myers , Barbara Liskov, Protecting privacy using the decentralized label model, ACM Transactions on Software Engineering and Methodology (TOSEM), v.9 n.4, p.410-442, Oct. 2000
John Hale , Mauricio Papa , Sujeet Shenoi, Programmable access control, Journal of Computer Security, v.11 n.3, p.331-351, 1 March 2003
Philip W. L. Fong, Pluggable verification modules: an extensible protection mechanism for the JVM, ACM SIGPLAN Notices, v.39 n.10, October 2004
Yao-Wen Huang , Fang Yu , Christian Hang , Chung-Hung Tsai , Der-Tsai Lee , Sy-Yen Kuo, Securing web application code by static analysis and runtime protection, Proceedings of the 13th international conference on World Wide Web, May 17-20, 2004, New York, NY, USA
François Pottier , Vincent Simonet, Information flow inference for ML, ACM Transactions on Programming Languages and Systems (TOPLAS), v.25 n.1, p.117-158, January 2003
Weidong Shi , Hsien-Hsin S. Lee , Chenghuai Lu , Tao Zhang, Attacks and risk analysis for hardware supported software copy protection systems, Proceedings of the 4th ACM workshop on Digital rights management, October 25-25, 2004, Washington DC, USA
Jonathan Aldrich , Valentin Kostadinov , Craig Chambers, Alias annotations for program understanding, ACM SIGPLAN Notices, v.37 n.11, November 2002
Gilles Barthe , Tamara Rezk, Non-interference for a JVM-like language, Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation, p.103-112, January 10-10, 2005, Long Beach, California, USA
Yolanta Beres , Chris I. Dalton, Dynamic label binding at run-time, Proceedings of the 2003 workshop on New security paradigms, August 18-21, 2003, Ascona, Switzerland
Peng Li , Steve Zdancewic, Downgrading policies and relaxed noninterference, ACM SIGPLAN Notices, v.40 n.1, p.158-170, January 2005
Xiaodong Jiang , James A. Landay, Modeling Privacy Control in Context-Aware Systems, IEEE Pervasive Computing, v.1 n.3, p.59-63, July 2002
Roberto Barbuti , Cinzia Bernardeschi , Nicoletta De Francesco, Checking security of Java bytecode by abstract interpretation, Proceedings of the 2002 ACM symposium on Applied computing, March 11-14, 2002, Madrid, Spain
Denis Caromel , Julien Vayssière, A security framework for reflective Java applications, Software—Practice & Experience, v.33 n.9, p.821-846, 25 July 2003
Rachid Echahed , Frédéric Prost , Wendelin Serwe, Statically assuring secrecy for dynamic concurrent processes, Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming, p.91-101, August 27-29, 2003, Uppsala, Sweden
Cédric Fournet , Andrew D. Gordon, Stack inspection: Theory and variants, ACM Transactions on Programming Languages and Systems (TOPLAS), v.25 n.3, p.360-399, May 2003
Shih-Chien Chou , An-Feng Liu , Chien-Jung Wu, Preventing information leakage within workflows that execute among competing organizations, Journal of Systems and Software, v.75 n.1-2, p.109-123, 15 February 2005
Martín Abadi , Bruno Blanchet, Analyzing security protocols with secrecy types and logic programs, Journal of the ACM (JACM), v.52 n.1, p.102-146, January 2005
Shih-Chien Chou, An agent-based inter-application information flow control model, Journal of Systems and Software, v.75 n.1-2, p.179-187, 15 February 2005
Vijayalakshmi Atluri , Soon Ae Chun , Pietro Mazzoleni, Chinese wall security for decentralized workflow management systems, Journal of Computer Security, v.12 n.6, p.799-840, December 2004
Torben Amtoft , Sruthi Bandhakavi , Anindya Banerjee, A logic for information flow in object-oriented programs, ACM SIGPLAN Notices, v.41 n.1, p.91-102, January 2006
Martín Abadi , Bruno Blanchet, Secrecy types for asymmetric communication, Theoretical Computer Science, v.298 n.3, p.387-415, 11 April 2003
Shih-Chien Chou , Chin-Yi Chang, An information flow control model for C applications based on access control lists, Journal of Systems and Software, v.78 n.1, p.84-100, October 2005
Daniel S. Dantas , David Walker, Harmless advice, ACM SIGPLAN Notices, v.41 n.1, p.383-396, January 2006
Micha Moffie , David Kaeli, ASM: application security monitor, ACM SIGARCH Computer Architecture News, v.33 n.5, December 2005
Scott F. Smith , Mark Thober, Refactoring programs to secure information flows, Proceedings of the 2006 workshop on Programming languages and analysis for security, June 10-10, 2006, Ottawa, Ontario, Canada
Shih-Chien Chou , Yuan-Chien Chen, Managing role relationships in an information flow control model, Journal of Systems and Software, v.79 n.4, p.507-522, April 2006
C. Bernardeschi , N. De Francesco , G. Lettieri , L. Martini, Checking secure information flow in java bytecode by code transformation and standard bytecode verification, Software—Practice & Experience, v.34 n.13, p.1225-1255, 10 November 2004
Keith Irwin , Ting Yu , William H. Winsborough, Avoiding information leakage in security-policy-aware planning, Proceedings of the 7th ACM workshop on Privacy in the electronic society, October 27-27, 2008, Alexandria, Virginia, USA
Stephen Chong , K. Vikram , Andrew C. Myers, SIF: enforcing confidentiality and integrity in web applications, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA
Neil Vachharajani , Matthew J. Bridges , Jonathan Chang , Ram Rangan , Guilherme Ottoni , Jason A. Blome , George A. Reis , Manish Vachharajani , David I. August, RIFLE: An Architectural Framework for User-Centric Information-Flow Security, Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, p.243-254, December 04-08, 2004, Portland, Oregon
Srijith K. Nair , Patrick N. D. Simpson , Bruno Crispo , Andrew S. Tanenbaum, A Virtual Machine Based Information Flow Control System for Policy Enforcement, Electronic Notes in Theoretical Computer Science (ENTCS), v.197 n.1, p.3-16, February, 2008
Vivek Haldar , Michael Franz, Towards trusted systems from the ground up, Proceedings of the 10th workshop on ACM SIGOPS European workshop: beyond the PC, July 01-01, 2002, Saint-Emilion, France
Sruthi Bandhakavi , Charles C. Zhang , Marianne Winslett, Super-sticky and declassifiable release policies for flexible information dissemination control, Proceedings of the 5th ACM workshop on Privacy in electronic society, October 30-30, 2006, Alexandria, Virginia, USA
Zhenyue Deng , Geoffrey Smith, Type inference and informative error reporting for secure information flow, Proceedings of the 44th annual southeast regional conference, March 10-12, 2006, Melbourne, Florida
Robert Grimm, Better extensibility through modular syntax, ACM SIGPLAN Notices, v.41 n.6, June 2006
Katia Hristova , Tom Rothamel , Yanhong A. Liu , Scott D. Stoller, Efficient type inference for secure information flow, Proceedings of the 2006 workshop on Programming languages and analysis for security, June 10-10, 2006, Ottawa, Ontario, Canada
Hiroshi Unno , Naoki Kobayashi , Akinori Yonezawa, Combining type-based analysis and model checking for finding counterexamples against non-interference, Proceedings of the 2006 workshop on Programming languages and analysis for security, June 10-10, 2006, Ottawa, Ontario, Canada
Gilles Barthe , Tamara Rezk , Amitabh Basu, Security types preserving compilation, Computer Languages, Systems and Structures, v.33 n.2, p.35-59, July, 2007
Micha Moffie , Winnie Cheng , David Kaeli , Qin Zhao, Hunting Trojan Horses, Proceedings of the 1st workshop on Architectural and system support for improving software dependability, p.12-17, October 21-21, 2006, San Jose, California
Scott F. Smith , Mark Thober, Improving usability of information flow security in java, Proceedings of the 2007 workshop on Programming languages and analysis for security, June 14-14, 2007, San Diego, California, USA
V. Benjamin Livshits , Monica S. Lam, Finding security vulnerabilities in java applications with static analysis, Proceedings of the 14th conference on USENIX Security Symposium, p.18-18, July 31-August 05, 2005, Baltimore, MD
Karl Mazurak , Steve Zdancewic, ABASH: finding bugs in bash scripts, Proceedings of the 2007 workshop on Programming languages and analysis for security, June 14-14, 2007, San Diego, California, USA
Martín Abadi, Access Control in a Core Calculus of Dependency, Electronic Notes in Theoretical Computer Science (ENTCS), 172, p.5-31, April, 2007
Vivek Haldar , Deepak Chandra , Michael Franz, Semantic remote attestation: a virtual machine directed approach to trusted computing, Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium, p.3-3, May 06-07, 2004, San Jose, California
Nicoletta De Francesco , Luca Martini, Instruction-level security analysis for information flow in stack-based assembly languages, Information and Computation, v.205 n.9, p.1334-1370, September, 2007
Martín Abadi, Access control in a core calculus of dependency, ACM SIGPLAN Notices, v.41 n.9, September 2006
Tom Chothia , Dominic Duggan , Ye Wu, An End-To-End Approach to Distributed Policy Language Implementation, Electronic Notes in Theoretical Computer Science (ENTCS), v.171 n.4, p.3-21, July, 2007
Anindya Banerjee , David A. Naumann , Stan Rosenberg, Towards a logical account of declassification, Proceedings of the 2007 workshop on Programming languages and analysis for security, June 14-14, 2007, San Diego, California, USA
Boniface Hicks , Dave King , Patrick McDaniel, Jifclipse: development tools for security-typed languages, Proceedings of the 2007 workshop on Programming languages and analysis for security, June 14-14, 2007, San Diego, California, USA
Bin Xin , Xiangyu Zhang, Efficient online detection of dynamic control dependence, Proceedings of the 2007 international symposium on Software testing and analysis, July 09-12, 2007, London, United Kingdom
James Clause , Wanchun Li , Alessandro Orso, Dytan: a generic dynamic taint analysis framework, Proceedings of the 2007 international symposium on Software testing and analysis, July 09-12, 2007, London, United Kingdom
R. Rukšėnas , P. Curzon , A. Blandford, Detecting Cognitive Causes of Confidentiality Leaks, Electronic Notes in Theoretical Computer Science (ENTCS), 183, p.21-38, July, 2007
Isabelle Attali , Denis Caromel , Ludovic Henrio , Felipe Luna Del Aguila, Secured Information Flow for Asynchronous Sequential Processes, Electronic Notes in Theoretical Computer Science (ENTCS), v.180 n.1, p.17-34, June, 2007
Stephen McCamant , Michael D. Ernst, A simulation-based proof technique for dynamic information flow, Proceedings of the 2007 workshop on Programming languages and analysis for security, June 14-14, 2007, San Diego, California, USA
Geoffrey Smith, Improved typings for probabilistic noninterference in a multi-threaded language, Journal of Computer Security, v.14 n.6, p.591-623, November 2006
Feng Qin , Cheng Wang , Zhenmin Li , Ho-seop Kim , Yuanyuan Zhou , Youfeng Wu, LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks, Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture, p.135-148, December 09-13, 2006
Anindya Banerjee , David A. Naumann, Stack-based access control and secure information flow, Journal of Functional Programming, v.15 n.2, p.131-177, March 2005
Karl Crary , Aleksey Kliger , Frank Pfenning, A monadic analysis of information flow security with mutable state, Journal of Functional Programming, v.15 n.2, p.249-291, March 2005
Petros Efstathopoulos , Eddie Kohler, Manageable fine-grained information flow, ACM SIGOPS Operating Systems Review, v.42 n.4, May 2008
Salvador Cavadini, Secure slices of insecure programs, Proceedings of the 2008 ACM symposium on Information, computer and communications security, March 18-20, 2008, Tokyo, Japan
Steve Zdancewic , Andrew C. Myers, Secure Information Flow via Linear Continuations, Higher-Order and Symbolic Computation, v.15 n.2-3, p.209-234, September 2002
Ciarán Bryce , Jan Vitek, The JavaSeal Mobile Agent Kernel, Autonomous Agents and Multi-Agent Systems, v.4 n.4, p.359-384, December 2001
Ilaria Castellani, State-oriented Noninterference for CCS, Electronic Notes in Theoretical Computer Science (ENTCS), v.194 n.1, p.39-60, November, 2007
Christian Hammer , Rüdiger Schaade , Gregor Snelting, Static path conditions for Java, Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security, June 07-13, 2008, Tucson, AZ, USA
Sandra Rueda , Dave King , Trent Jaeger, Verifying compliance of trusted programs, Proceedings of the 17th conference on Security symposium, p.321-334, July 28-August 01, 2008, San Jose, CA
Paritosh Shroff , Scott F. Smith , Mark Thober, Securing information flow via dynamic capture of dependencies, Journal of Computer Security, v.16 n.5, p.637-688, November 2008
Dorina Ghindici , Gilles Grimaud , Isabelle Simplot-Ryl, Embedding verifiable information flow analysis, Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services, October 30-November 01, 2006, Markham, Ontario, Canada
Stephen McCamant , Michael D. Ernst, Quantitative information flow as network flow capacity, ACM SIGPLAN Notices, v.43 n.6, June 2008
Kohei Honda , Nobuko Yoshida, A uniform type structure for secure information flow, ACM Transactions on Programming Languages and Systems (TOPLAS), v.29 n.6, p.31-es, October 2007
Torben Amtoft , Anindya Banerjee, Verification condition generation for conditional information flow, Proceedings of the 2007 ACM workshop on Formal methods in security engineering, p.2-11, November 02-02, 2007, Fairfax, Virginia, USA
Eric Van Wyk, Implementing aspect-oriented programming constructs as modular language extensions, Science of Computer Programming, v.68 n.1, p.38-61, August, 2007
Stephen Chong , Jed Liu , Andrew C. Myers , Xin Qi , K. Vikram , Lantian Zheng , Xin Zheng, Secure web application via automatic partitioning, ACM SIGOPS Operating Systems Review, v.41 n.6, December 2007
Monica S. Lam , Michael Martin , Benjamin Livshits , John Whaley, Securing web applications with static and dynamic information flow tracking, Proceedings of the 2008 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation, p.3-12, January 07-08, 2008, San Francisco, California, USA
Peeter Laud, On the computational soundness of cryptographically masked flows, ACM SIGPLAN Notices, v.43 n.1, January 2008
Annalisa Bossi , Carla Piazza , Sabina Rossi, Compositional information flow security for concurrent programs, Journal of Computer Security, v.15 n.3, p.373-416, August 2007
Michael Roberson , Melanie Harries , Paul T. Darga , Chandrasekhar Boyapati, Efficient software model checking of soundness of type systems, ACM SIGPLAN Notices, v.43 n.10, September 2008
Nathaniel Nystrom , Vijay Saraswat , Jens Palsberg , Christian Grothoff, Constrained types for object-oriented languages, ACM SIGPLAN Notices, v.43 n.10, September 2008
Walter Chang , Brandon Streiff , Calvin Lin, Efficient and extensible security enforcement using dynamic data flow analysis, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Dave King , Trent Jaeger , Somesh Jha , Sanjit A. Seshia, Effective blame for information-flow violations, Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering, November 09-14, 2008, Atlanta, Georgia
Kim Bruce , Stephen N. Freund, Programming languages as part of core computer science, ACM SIGPLAN Notices, v.43 n.11, November 2008
Aslan Askarov , Andrei Sabelfeld, Catch me if you can: permissive yet secure error handling, Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security, June 15-21, 2009, Dublin, Ireland
Manuel Costa , Jon Crowcroft , Miguel Castro , Antony Rowstron , Lidong Zhou , Lintao Zhang , Paul Barham, Vigilante: End-to-end containment of Internet worm epidemics, ACM Transactions on Computer Systems (TOCS), v.26 n.4, p.1-68, December 2008
Stephen Chong , Jed Liu , Andrew C. Myers , Xin Qi , K. Vikram , Lantian Zheng , Xin Zheng, Building secure web applications with automatic partitioning, Communications of the ACM, v.52 n.2, February 2009
Marco Pistoia , Úlfar Erlingsson, Programming languages and program analysis for security: a three-year retrospective, ACM SIGPLAN Notices, v.43 n.12, December 2008
Yin Liu , Ana Milanova, Static analysis for inference of explicit information flow, Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, November 09-10, 2008, Atlanta, Georgia
Omer Tripp , Marco Pistoia , Stephen J. Fink , Manu Sridharan , Omri Weisman, TAJ: effective taint analysis of web applications, ACM SIGPLAN Notices, v.44 n.6, June 2009
Ziqing Mao , Ninghui Li , Hong Chen , Xuxian Jiang, Trojan horse resistant discretionary access control, Proceedings of the 14th ACM symposium on Access control models and technologies, June 03-05, 2009, Stresa, Italy
Limin Jia , Steve Zdancewic, Encoding information flow in Aura, Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security, June 15-21, 2009, Dublin, Ireland
Horatiu Cirstea , Pierre-Etienne Moreau , Anderson Santana de Oliveira, Rewrite Based Specification of Access Control Policies, Electronic Notes in Theoretical Computer Science (ENTCS), 234, p.37-54, March, 2009
Indrajit Roy , Donald E. Porter , Michael D. Bond , Kathryn S. McKinley , Emmett Witchel, Laminar: practical fine-grained decentralized information flow control, ACM SIGPLAN Notices, v.44 n.6, June 2009
Avraham Shinnar , Marco Pistoia , Anindya Banerjee, A language for information flow: dynamic tracking in multiple interdependent dimensions, Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security, June 15-21, 2009, Dublin, Ireland
Thomas H. Austin , Cormac Flanagan, Efficient purely-dynamic information flow analysis, Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security, June 15-21, 2009, Dublin, Ireland

INDEX TERMS

Primary Classification:
  D. Software
  D.3 PROGRAMMING LANGUAGES
      D.3.2 Language Classifications

          Nouns: Java

Additional Classification:
  D. Software
  D.3 PROGRAMMING LANGUAGES
      D.3.4 Processors
          Subjects: Compilers
  D.4 OPERATING SYSTEMS

  F. Theory of Computation
  F.4 MATHEMATICAL LOGIC AND FORMAL LANGUAGES

  K. Computing Milieux
  K.4 COMPUTERS AND SOCIETY
      K.4.1 Public Policy Issues
          Subjects: Privacy


General Terms:
Reliability, Security

Collaborative Colleagues:
Andrew C. Myers: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player