  Language-based information-flow security (2003) [246 citations — 20 self]

by Andrei Sabelfeld, Andrew C. Myers
IEEE Journal on Selected Areas in Communications
http://www.cs.cornell.edu/~andrei/./jsac.ps

Abstract:

Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attacker's observations of system output; this policy regulates information flow. Conventional security mechanisms such as access control and encryption do not directly address the enforcement of information-flow policies. Recently, a promising new approach has been developed: the use of programming-language techniques for specifying and enforcing information-flow policies. In this article we survey the past three decades of research on information-flow security, particularly focusing on work that uses static program analysis to enforce information-flow policies. We give a structured view of recent work in the area and identify some important open challenges.

Index Terms: Computer security, confidentiality, information flow, noninterference, security-type systems, covert channels,

Citations

2739 A mathematical theory of communication – Shannon - 1948
1267 Abstract interpretation: a unified lattice model for the static analysis of programs by construction or approximation of fixpoints – Cousot, Cousot - 1977
811 Proof-Carrying Code – Necula - 1997
795 A theory of objects – Abadi, Cardelli - 1996
703 On the security of public key protocols – Dolev, Yao - 1983
663 Mobile ambients – Cardelli, Gordon
607 A Calculus for Cryptographic Protocols: The Spi Calculus – Abadi, Gordon - 1999
588 Compiling with Continuations – Appel - 1992
584 End-to-end arguments in system design – Saltzer, Reed, et al. - 1984
578 Efficient software-based fault isolation – Wahbe, Lucco, et al. - 1993
483 From System F to typed assembly language – Morrisett, Walker, et al. - 1998
433 Security policies and security models – Goguen, Meseguer - 1982
409 Cryptography and Data Security – Denning - 1984
335 The protection of information in computer systems – Saltzer, Schroeder - 1975
330 Bisimulation through probabilistic testing – Larsen, Skou - 1991
329 A lattice model of secure information flow – Denning - 1976
242 A sound type system for secure flow analysis – Volpano, Smith, et al. - 1996
240 A note on the confinement problem – Lampson - 1973
240 Secure computer systems: Mathematical foundations – Bell, LaPadula - 1973
231 Integrity considerations for secure computer systems – Biba - 1977
231 Certification of programs for secure information flow – Denning, Denning - 1977
230 JFlow: Practical Mostly-Static Information Flow Control – Myers - 1999
225 Secrecy by typing in security protocols – Abadi - 1997
212 Dependent types in practical programming – Xi, Pfenning - 1999
196 Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems – Kocher - 1996
184 Programming semantics for multiprogrammed computations – HORN, C - 1966
179 The SLam calculus: programming with secrecy and integrity – Heintze, Riecke - 1998
153 Secure information flow in a multithreaded imperative language – Smith, Volpano - 1998
148 A core calculus of dependency – Abadi, Banerjee, et al. - 1999
146 SASI enforcement of security policies: A retrospective – Erlingsson, Schneider - 1999
144 The type-free lambda calculus – Barendregt - 1977
118 Unwinding and inference control – Goguen, Meseguer - 1984
116 Flexible policy-directed code safety – Evans, Twyman - 1999
114 A decentralized model for information flow control – Myers, Liskov - 1997
113 Information flow inference for ML – Pottier, Simonet, et al. - 2002
106 A general theory of composition for trace sets closed under selective interleaving functions – McLean - 1994
101 Compiling with Types – Morrisett - 1995
100 A Type-Based Approach to Program Security – Volpano, Smith - 1997
96 Transforming out timing leaks – Agat - 2000
90 A Model of Information – Sutherland - 1986
86 Robust Declassification – Zdancewic, Myers - 2001
82 Security models and information flow – McLean - 1990
81 Specifications for multi-level security and a hook-up property – McCullough - 1987
80 Probabilistic noninterference for multithreaded programs – Sabelfeld, Sands - 2000
69 Probabilistic Noninterference in a Concurrent Language – Volpano, Smith - 1998
69 Secure information flow and pointer confinement in a java-like language – Banerjee, Naumann - 2002
68 A PER model of secure information flow in sequential programs – Sabelfeld, Sands
68 Noninterference and the composability of security properties – McCullough - 1988
67 Approximate non-interference – Pierro, Hankin, et al. - 2004
65 Simple Object Access Protocol (SOAP) 1.1 – Box, Ehnebuske, et al. - 2000