References

  1. M. Abadi, A. Banerjee, N. Heintze & J. Riecke (1999): A core calculus of dependency. In: Proc. of the 26th Annual ACM SIGPLAN-SIGACT Symp. on Principles of Programming Languages (POPL '99). ACM-Press, pp. 147–160, doi:10.1145/292540.292555.
  2. A. Askarov & A. Sabelfeld (2007): Gradual Release: Unifying Declassification, Encryption and Key Release Policies. In: Proc. IEEE Symp. on Security and Privacy. IEEE Comp. Soc. Press, pp. 207–221, doi:10.1109/SP.2007.22.
  3. M. Balliu, M. Dam & G. Le Guernic (2011): Epistemic Temporal Logic for Information Flow Security. In: Proc. of the 2011 workshop on Programming languages and analysis for security. ACM Press, doi:10.1145/2166956.2166962.
  4. M. Balliu & I. Mastroeni (2010): A Weakest Precondition Approach to Robustness. LNCS Transactions on Computational Science 10, pp. 261 – 297, doi:10.1007/978-3-642-17499-5_11.
  5. A. Banerjee, R. Giacobazzi & I. Mastroeni (2007): What you lose is what you leak: Information leakage in declassifivation policies. In: Proc. of the 23th Internat. Symp. on Mathematical Foundations of Programming Semantics (MFPS '07\/), Electronic Notes in Theoretical Computer Science 1514. Elsevier, doi:10.1016/j.entcs.2007.02.027.
  6. A. Banerjee, D. A. Naumann & S. Rosenberg (2008): Expressive Declassification Policies and Modular Static Enforcement. In: IEEE Symp. on Security and Privacy, pp. 339 – 353, doi:10.1109/SP.2008.20.
  7. E. S. Cohen (1977): Information transmission in computational systems. ACM SIGOPS Operating System Review 11(5), pp. 133–139, doi:10.1145/1067625.806556.
  8. C. Collberg, C. D. Thomborson & D. Low (1998): Manufactoring Cheap, Resilient, and Stealthy Opaque Constructs. In: Proc. of Conf. Record of the 25st ACM Symp. on Principles of Programming Languages (POPL '98\/). ACM Press, pp. 184–196, doi:10.1145/268946.268962.
  9. P. Cousot (2002): Constructive design of a hierarchy of semantics of a transition system by abstract interpretation. Theor. Comput. Sci. 277(1-2), pp. 47–103, doi:10.1016/S0304-3975(00)00313-3.
  10. P. Cousot & R. Cousot (1977): Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Conference Record of the 4th ACM Symposium on Principles of Programming Languages (POPL '77\/). ACM Press, pp. 238–252, doi:10.1145/512950.512973.
  11. P. Cousot & R. Cousot (1979): Systematic design of program analysis frameworks. In: Conference Record of the 6th ACM Symposium on Principles of Programming Languages (POPL '79\/). ACM Press, pp. 269–282, doi:10.1145/567752.567778.
  12. M. Dalla Preda & R. Giacobazzi (2009): Semantic-based Code Obfuscation by Abstract Interpretation. Journal of Computer Security 17(6), pp. 855–908, doi:10.1007/11523468_107.
  13. M. Dalla Preda & I. Mastroeni (2013): Chasing Infections by Unveiling Program Dependencies. In: 1st International Workshop on Interference and Dependence (ID '13).
  14. R. Giacobazzi, N. D. Jones & I. Mastroeni (2012): Obfuscation by Partial Evaluation of Distorted Interpreters. In: O. Kiselyov & S. Thompson: Proc. of the ACM SIGPLAN Symp. on Partial Evaluation and Semantics-Based Program Manipulation (PEPM'12). ACM Press, pp. 63 – 72, doi:10.1145/2103746.2103761.
  15. R. Giacobazzi & I. Mastroeni (2004): Abstract Non-Interference: Parameterizing Non-Interference by Abstract Interpretation. In: Proc. of the 31st Annual ACM SIGPLAN-SIGACT Symp. on Principles of Programming Languages (POPL '04). ACM-Press, pp. 186–197, doi:10.1145/964001.964017.
  16. R. Giacobazzi & I. Mastroeni (2010): Adjoining classified and unclassified information by Abstract Interpretation. Journal of Computer Security 18(5), pp. 751 – 797, doi:10.3233/JCS-2009-0382.
  17. R. Giacobazzi & I. Mastroeni (2010): A Proof System for Abstract Non-Interference. Journal of Logic and Computation 20, pp. 449 – 479, doi:10.1093/logcom/exp053.
  18. R. Giacobazzi & E. Quintarelli (2001): Incompleteness, counterexamples and refinements in abstract model-checking. In: P. Cousot: Proc. of The 8th Internat. Static Analysis Symp. (SAS'01), Lecture Notes in Computer Science 2126. Springer-Verlag, pp. 356–373, doi:10.1007/3-540-47764-0_20.
  19. R. Giacobazzi, F. Ranzato & F. Scozzari. (2000): Making Abstract Interpretation Complete. Journal of the ACM 47(2), pp. 361–416, doi:10.1145/333979.333989.
  20. J. A. Goguen & J. Meseguer (1982): Security policies and security models. In: Proc. IEEE Symp. on Security and Privacy. IEEE Comp. Soc. Press, pp. 11–20.
  21. S. Hunt & I. Mastroeni (2005): The PER model of Abstract Non-Interference. In: C. Hankin & I. Siveroni: Proc. of The 12th Internat. Static Analysis Symp. (SAS '05), Lecture Notes in Computer Science 3672. Springer-Verlag, pp. 171–185, doi:10.1007/11547662_13.
  22. R. Joshi & K. R. M. Leino (2000): A semantic approach to secure information flow. Science of Computer Programming 37, pp. 113–138, doi:10.1016/S0167-6423(99)00024-6.
  23. H. Mantel (2000): Possibilistic definitions of security – an assemply kit –. In: Proc. of the IEEE Computer Security Foundations Workshop. IEEE Comp. Soc. Press, pp. 185–199, doi:10.1109/CSFW.2000.856936.
  24. I. Mastroeni (2005): On the Rôle of Abstract Non-interference in Language-Based Security. In: K. Yi: Third Asian Symp. on Programming Languages and Systems (APLAS '05), Lecture Notes in Computer Science 3780. Springer-Verlag, pp. 418–433, doi:10.1007/11575467_27.
  25. I. Mastroeni & A. Banerjee (2011): Modelling Declassification Policies using Abstract Domain Completeness. Mathematical Structures in Computer Science 21(6), pp. 1253 – 1299, doi:10.1017/S096012951100020X.
  26. I. Mastroeni & D. Nikolic (2010): An Abstract Unified Framework for (Abstract) Program Slicing. In: 12th International Conference on Formal Engineering Methods, ICFEM 201, Lecture Notes in Computer Science 6447. Spinger-Verlag, pp. 452–467, doi:10.1007/978-3-642-16901-4_30.
  27. I. Mastroeni & D. Zanardini (2008): Data dependencies and program slicing: From syntax to abstract semantics. In: Proc. of the ACM SIGPLAN Symp. on Partial Evaluation and Semantics-Based Program Manipulation (PEPM'08). ACM Press, pp. 125 – 134, doi:10.1145/1328408.1328428.
  28. J. McLean (1996): A general theory of composition for a class of ``possibilistic'' properties. IEEE Transactions on Software Engineering 22(1), pp. 53 – 67, doi:10.1109/32.481534.
  29. A. C. Myers, S. Chong, N. Nystrom, L. Zheng & S. Zdancewic: Jif: Java information flow. Software release. Available at http://www.cs.cornell.edu/jif.
  30. A. Sabelfeld & A. C. Myers (2004): A model for delimited information release. In: N. Yonezaki K. Futatsugi, F. Mizoguchi: Proc. of the International Symp. on Software Security (ISSS'03), Lecture Notes in Computer Science 3233. Springer-Verlag, pp. 174–191, doi:10.1007/978-3-540-37621-7_9.
  31. A. Sabelfeld & A.C. Myers (2003): Language-based information-flow security. IEEE J. on selected ares in communications 21(1), pp. 5–19, doi:10.1109/JSAC.2002.806121.
  32. A. Sabelfeld & D. Sands (2001): A PER Model of Secure Information Flow in Sequential Programs. Higher-Order and Symbolic Computation 14(1), pp. 59–91, doi:10.1023/A:1011553200337.
  33. A. Sabelfeld & D. Sands (2007): Declassification: Dimensions and Principles. J. of Computer Security, doi:10.3233/JCS-2009-0352.
  34. P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Krügel & G. Vigna (2007): Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. In: NDSS.
  35. M. Weiser (1981): Program slicing. In: ICSE '81: Proceedings of the 5th international conference on Software engineering. IEEE Press, pp. 439–449.
Comments and questions to: eptcs@eptcs.org
For website issues: webmaster@eptcs.org