CiteSeerX — Search Results — A Self-correcting Information Flow Control Model for the Web-Browser

Results 1 - 10 of 1,554,151

JFlow: Practical Mostly-Static Information Flow Control

by Andrew C. Myers - In Proc. 26th ACM Symp. on Principles of Programming Languages (POPL , 1999

"... A promising technique for protecting privacy and integrity of sensitive data is to statically check information flow within programs that manipulate the data. While previous work has proposed programming language extensions to allow this static checking, the resulting languages are too restrictive f ..."

Abstract - Cited by 579 (32 self) - Add to MetaCart

models: a decentralized label model, label polymorphism, run-time label checking, and automatic label inference. JFlow also supports many language features that have never been integrated successfully with static information flow control, including objects, subclassing, dynamic type tests, access control

A Lattice Model of Secure Information Flow

by Dorothy E. Denning , 1976

"... This paper investigates mechanisms that guarantee secure information flow in a computer system. These mechanisms are examined within a mathematical framework suitable for formulating the requirements of secure information flow among security classes. The central component of the model is a lattice s ..."

Abstract - Cited by 697 (2 self) - Add to MetaCart

This paper investigates mechanisms that guarantee secure information flow in a computer system. These mechanisms are examined within a mathematical framework suitable for formulating the requirements of secure information flow among security classes. The central component of the model is a lattice

Lattice-Based Access Control Models

by Ravi S. Sandhu , 1993

"... The objective of this article is to give a tutorial on lattice-based access control models for computer security. The paper begins with a review of Denning's axioms for information flow policies, which provide a theoretical foundation for these models. The structure of security labels in the ..."

Abstract - Cited by 1485 (56 self) - Add to MetaCart

The objective of this article is to give a tutorial on lattice-based access control models for computer security. The paper begins with a review of Denning's axioms for information flow policies, which provide a theoretical foundation for these models. The structure of security labels

Controlled and automatic human information processing

by Walter Schneider, Richard M. Shiffrin - I. Detection, search, and attention. Psychological Review , 1977

"... A two-process theory of human information processing is proposed and applied to detection, search, and attention phenomena. Automatic processing is activa-tion of a learned sequence of elements in long-term memory that is initiated by appropriate inputs and then proceeds automatically—without subjec ..."

Abstract - Cited by 841 (15 self) - Add to MetaCart

A two-process theory of human information processing is proposed and applied to detection, search, and attention phenomena. Automatic processing is activa-tion of a learned sequence of elements in long-term memory that is initiated by appropriate inputs and then proceeds automatically

Language-Based Information-Flow Security

by Andrei Sabelfeld , Andrew C. Myers - IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS , 2003

"... Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker throug ..."

Abstract - Cited by 821 (57 self) - Add to MetaCart

through the attacker's observations of system output; this policy regulates information flow.

Certification of Programs for Secure Information Flow

by Dorothy E. Denning, Peter J. Denning , 1977

"... This paper presents a certification mechanism for verifying the secure flow of information through a program. Because it exploits the properties of a lattice structure among security classes, the procedure is sufficiently simple that it can easily be included in the analysis phase of most existing c ..."

Abstract - Cited by 488 (1 self) - Add to MetaCart

This paper presents a certification mechanism for verifying the secure flow of information through a program. Because it exploits the properties of a lattice structure among security classes, the procedure is sufficiently simple that it can easily be included in the analysis phase of most existing

Optimization Flow Control, I: Basic Algorithm and Convergence

by Steven H. Low, David E. Lapsley - IEEE/ACM TRANSACTIONS ON NETWORKING , 1999

"... We propose an optimization approach to flow control where the objective is to maximize the aggregate source utility over their transmission rates. We view network links and sources as processors of a distributed computation system to solve the dual problem using gradient projection algorithm. In thi ..."

Abstract - Cited by 690 (64 self) - Add to MetaCart

We propose an optimization approach to flow control where the objective is to maximize the aggregate source utility over their transmission rates. We view network links and sources as processors of a distributed computation system to solve the dual problem using gradient projection algorithm

The Protection of Information in Computer Systems

by Jerome H. Saltzer, Michael D. Schroeder , 1975

"... This tutorial paper explores the mechanics of protecting computer-stored information from unauthorized use or modification. It concentrates on those architectural structures--whether hardware or software--that are necessary to support information protection. The paper develops in three main sections ..."

Abstract - Cited by 815 (2 self) - Add to MetaCart

of protecting information in computers. Access The ability to make use of information stored in a computer system. Used frequently as a verb, to the horror of grammarians. Access control list A list of principals that are authorized to have access to some object. Authenticate To verify the identity of a person

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

by William Enck, Landon P. Cox, Jaeyeon Jung, et al. , 2010

"... Today’s smartphone operating systems fail to provide users with adequate control and visibility into how third-party applications use their private data. We present TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system for the popular Android platform that can simultaneous ..."

Abstract - Cited by 498 (23 self) - Add to MetaCart

Today’s smartphone operating systems fail to provide users with adequate control and visibility into how third-party applications use their private data. We present TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system for the popular Android platform that can

A Simple Model of Capital Market Equilibrium with Incomplete Information

by Robert C. Merton - JOURNAL OF FINANCE , 1987

"... The sphere of modern financial economics encompases finance, micro investment theory and much of the economics of uncertainty. As is evident from its influence on other branches of economics including public finance, industrial organization and monetary theory, the boundaries of this sphere are both ..."

Abstract - Cited by 720 (2 self) - Add to MetaCart

. But for all its mathematical refinement, the research has nevertheless had a direct and significant influence on practice. It was not always thus. Thirty years ago, finance theory was little more than a collection of anecdotes, rules of thumb, and manipulations of accounting data with an almost exclusive

Results 1 - 10 of 1,554,151

Tools