Multiple facets for dynamic information flow
TH Austin, C Flanagan - Proceedings of the 39th annual ACM SIGPLAN …, 2012 - dl.acm.org
JavaScript has become a central technology of the web, but it is also the source of many
security problems, including cross-site scripting attacks and malicious advertising code …
security problems, including cross-site scripting attacks and malicious advertising code …
If this then what? Controlling flows in IoT apps
IoT apps empower users by connecting a variety of otherwise unconnected services. These
apps (or applets) are triggered by external information sources to perform actions on …
apps (or applets) are triggered by external information sources to perform actions on …
Information-flow security for a core of JavaScript
D Hedin, A Sabelfeld - 2012 IEEE 25th Computer Security …, 2012 - ieeexplore.ieee.org
Tracking information flow in dynamic languages remains an important and intricate problem.
This paper makes substantial headway toward understanding the main challenges and …
This paper makes substantial headway toward understanding the main challenges and …
FlowFox: a web browser with flexible and precise information flow control
We present FlowFox, the first fully functional web browser that implements a precise and
general information flow control mechanism for web scripts based on the technique of …
general information flow control mechanism for web scripts based on the technique of …
A perspective on information-flow control
D Hedin, A Sabelfeld - Software safety and security, 2012 - ebooks.iospress.nl
Abstract Information-flow control tracks how information propagates through the program
during execution to make sure that the program handles the information securely. Secure …
during execution to make sure that the program handles the information securely. Secure …
Secure serverless computing using dynamic information flow control
The rise of serverless computing provides an opportunity to rethink cloud security. We
present an approach for securing serverless systems using a novel form of dynamic …
present an approach for securing serverless systems using a novel form of dynamic …
Information flow control in WebKit's JavaScript bytecode
Websites today routinely combine JavaScript from multiple sources, both trusted and
untrusted. Hence, JavaScript security is of paramount importance. A specific interesting …
untrusted. Hence, JavaScript security is of paramount importance. A specific interesting …
Run-time enforcement of information-flow properties on Android
Recent years have seen a dramatic increase in the number and importance of mobile
devices. The security properties that these devices provide to their applications, however …
devices. The security properties that these devices provide to their applications, however …
Establishing browser security guarantees through formal shim verification
Web browsers mediate access to valuable private data in domains ranging from health care
to banking. Despite this critical role, attackers routinely exploit browser vulnerabilities to …
to banking. Despite this critical role, attackers routinely exploit browser vulnerabilities to …
Expressing information flow properties
Industries and governments are increasingly compelled by regulations and public pressure
to handle sensitive information responsibly. Regulatory requirements and user expectations …
to handle sensitive information responsibly. Regulatory requirements and user expectations …