M. Abadi, A. Banerjee, N. Heintze & J. Riecke (1999):
A core calculus of dependency.
In: Proc. of the 26th Annual ACM SIGPLAN-SIGACT Symp. on Principles of Programming Languages (POPL '99).
ACM-Press,
pp. 147–160,
doi:10.1145/292540.292555.
A. Askarov & A. Sabelfeld (2007):
Gradual Release: Unifying Declassification, Encryption and Key Release Policies.
In: Proc. IEEE Symp. on Security and Privacy.
IEEE Comp. Soc. Press,
pp. 207–221,
doi:10.1109/SP.2007.22.
M. Balliu, M. Dam & G. Le Guernic (2011):
Epistemic Temporal Logic for Information Flow Security.
In: Proc. of the 2011 workshop on Programming languages and analysis for security.
ACM Press,
doi:10.1145/2166956.2166962.
M. Balliu & I. Mastroeni (2010):
A Weakest Precondition Approach to Robustness.
LNCS Transactions on Computational Science 10,
pp. 261 – 297,
doi:10.1007/978-3-642-17499-5_11.
A. Banerjee, R. Giacobazzi & I. Mastroeni (2007):
What you lose is what you leak: Information leakage in declassifivation policies.
In: Proc. of the 23th Internat. Symp. on Mathematical Foundations of Programming Semantics (MFPS '07\/),
Electronic Notes in Theoretical Computer Science 1514.
Elsevier,
doi:10.1016/j.entcs.2007.02.027.
A. Banerjee, D. A. Naumann & S. Rosenberg (2008):
Expressive Declassification Policies and Modular Static Enforcement.
In: IEEE Symp. on Security and Privacy,
pp. 339 – 353,
doi:10.1109/SP.2008.20.
E. S. Cohen (1977):
Information transmission in computational systems.
ACM SIGOPS Operating System Review 11(5),
pp. 133–139,
doi:10.1145/1067625.806556.
C. Collberg, C. D. Thomborson & D. Low (1998):
Manufactoring Cheap, Resilient, and Stealthy Opaque Constructs.
In: Proc. of Conf. Record of the 25st ACM Symp. on Principles of Programming Languages (POPL '98\/).
ACM Press,
pp. 184–196,
doi:10.1145/268946.268962.
P. Cousot (2002):
Constructive design of a hierarchy of semantics of a transition system by abstract interpretation.
Theor. Comput. Sci. 277(1-2),
pp. 47–103,
doi:10.1016/S0304-3975(00)00313-3.
P. Cousot & R. Cousot (1977):
Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints.
In: Conference Record of the 4th ACM Symposium on Principles of Programming Languages (POPL '77\/).
ACM Press,
pp. 238–252,
doi:10.1145/512950.512973.
P. Cousot & R. Cousot (1979):
Systematic design of program analysis frameworks.
In: Conference Record of the 6th ACM Symposium on Principles of Programming Languages (POPL '79\/).
ACM Press,
pp. 269–282,
doi:10.1145/567752.567778.
M. Dalla Preda & R. Giacobazzi (2009):
Semantic-based Code Obfuscation by Abstract Interpretation.
Journal of Computer Security 17(6),
pp. 855–908,
doi:10.1007/11523468_107.
M. Dalla Preda & I. Mastroeni (2013):
Chasing Infections by Unveiling Program Dependencies.
In: 1st International Workshop on Interference and Dependence (ID '13).
R. Giacobazzi, N. D. Jones & I. Mastroeni (2012):
Obfuscation by Partial Evaluation of Distorted Interpreters.
In: O. Kiselyov & S. Thompson: Proc. of the ACM SIGPLAN Symp. on Partial Evaluation and Semantics-Based Program Manipulation (PEPM'12).
ACM Press,
pp. 63 – 72,
doi:10.1145/2103746.2103761.
R. Giacobazzi & I. Mastroeni (2004):
Abstract Non-Interference: Parameterizing Non-Interference by Abstract Interpretation.
In: Proc. of the 31st Annual ACM SIGPLAN-SIGACT Symp. on Principles of Programming Languages (POPL '04).
ACM-Press,
pp. 186–197,
doi:10.1145/964001.964017.
R. Giacobazzi & I. Mastroeni (2010):
Adjoining classified and unclassified information by Abstract Interpretation.
Journal of Computer Security 18(5),
pp. 751 – 797,
doi:10.3233/JCS-2009-0382.
R. Giacobazzi & I. Mastroeni (2010):
A Proof System for Abstract Non-Interference.
Journal of Logic and Computation 20,
pp. 449 – 479,
doi:10.1093/logcom/exp053.
R. Giacobazzi & E. Quintarelli (2001):
Incompleteness, counterexamples and refinements in abstract model-checking.
In: P. Cousot: Proc. of The 8th Internat. Static Analysis Symp. (SAS'01),
Lecture Notes in Computer Science 2126.
Springer-Verlag,
pp. 356–373,
doi:10.1007/3-540-47764-0_20.
R. Giacobazzi, F. Ranzato & F. Scozzari. (2000):
Making Abstract Interpretation Complete.
Journal of the ACM 47(2),
pp. 361–416,
doi:10.1145/333979.333989.
J. A. Goguen & J. Meseguer (1982):
Security policies and security models.
In: Proc. IEEE Symp. on Security and Privacy.
IEEE Comp. Soc. Press,
pp. 11–20.
S. Hunt & I. Mastroeni (2005):
The PER model of Abstract Non-Interference.
In: C. Hankin & I. Siveroni: Proc. of The 12th Internat. Static Analysis Symp. (SAS '05),
Lecture Notes in Computer Science 3672.
Springer-Verlag,
pp. 171–185,
doi:10.1007/11547662_13.
R. Joshi & K. R. M. Leino (2000):
A semantic approach to secure information flow.
Science of Computer Programming 37,
pp. 113–138,
doi:10.1016/S0167-6423(99)00024-6.
H. Mantel (2000):
Possibilistic definitions of security – an assemply kit –.
In: Proc. of the IEEE Computer Security Foundations Workshop.
IEEE Comp. Soc. Press,
pp. 185–199,
doi:10.1109/CSFW.2000.856936.
I. Mastroeni (2005):
On the Rôle of Abstract Non-interference in Language-Based Security.
In: K. Yi: Third Asian Symp. on Programming Languages and Systems (APLAS '05),
Lecture Notes in Computer Science 3780.
Springer-Verlag,
pp. 418–433,
doi:10.1007/11575467_27.
I. Mastroeni & A. Banerjee (2011):
Modelling Declassification Policies using Abstract Domain Completeness.
Mathematical Structures in Computer Science 21(6),
pp. 1253 – 1299,
doi:10.1017/S096012951100020X.
I. Mastroeni & D. Nikolic (2010):
An Abstract Unified Framework for (Abstract) Program Slicing.
In: 12th International Conference on Formal Engineering Methods, ICFEM 201,
Lecture Notes in Computer Science 6447.
Spinger-Verlag,
pp. 452–467,
doi:10.1007/978-3-642-16901-4_30.
I. Mastroeni & D. Zanardini (2008):
Data dependencies and program slicing: From syntax to abstract semantics.
In: Proc. of the ACM SIGPLAN Symp. on Partial Evaluation and Semantics-Based Program Manipulation (PEPM'08).
ACM Press,
pp. 125 – 134,
doi:10.1145/1328408.1328428.
J. McLean (1996):
A general theory of composition for a class of ``possibilistic'' properties.
IEEE Transactions on Software Engineering 22(1),
pp. 53 – 67,
doi:10.1109/32.481534.
A. C. Myers, S. Chong, N. Nystrom, L. Zheng & S. Zdancewic:
Jif: Java information flow. Software release.
Available at http://www.cs.cornell.edu/jif.
A. Sabelfeld & A. C. Myers (2004):
A model for delimited information release.
In: N. Yonezaki K. Futatsugi, F. Mizoguchi: Proc. of the International Symp. on Software Security (ISSS'03),
Lecture Notes in Computer Science 3233.
Springer-Verlag,
pp. 174–191,
doi:10.1007/978-3-540-37621-7_9.
A. Sabelfeld & A.C. Myers (2003):
Language-based information-flow security.
IEEE J. on selected ares in communications 21(1),
pp. 5–19,
doi:10.1109/JSAC.2002.806121.
A. Sabelfeld & D. Sands (2001):
A PER Model of Secure Information Flow in Sequential Programs.
Higher-Order and Symbolic Computation 14(1),
pp. 59–91,
doi:10.1023/A:1011553200337.
A. Sabelfeld & D. Sands (2007):
Declassification: Dimensions and Principles.
J. of Computer Security,
doi:10.3233/JCS-2009-0352.
P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Krügel & G. Vigna (2007):
Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis.
In: NDSS.
M. Weiser (1981):
Program slicing.
In: ICSE '81: Proceedings of the 5th international conference on Software engineering.
IEEE Press,
pp. 439–449.