Results 1 - 10 of 940,032

4Practical Fine-Grained Information Flow Control Using Laminar

by Indrajit Roy, Hewlett Packard Labs, Kathryn S. Mckinley
"... Decentralized Information Flow Control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity hardware can be broadly categorized into two types: language-level and operating system-level DIFC. Language solutions pro ..."
Abstract - Add to MetaCart
provide no guarantees against security violations on system resources such as files and sockets. Operating system solutions mediate accesses to system resources but are either inefficient or imprecise at monitoring the flow of information through fine-grained program data structures. This article

Fine-grained Mobility in the Emerald System

by Eric Jul, Henry Levy, Norman Hutchinson, Andrew Black - ACM Transactions on Computer Systems , 1988
"... Emerald is an object-based language and system designed for the construction of distributed programs. An explicit goal of Emerald is support for object mobility; objects in Emerald can freely move within the system to take advantage of distribution and dynamically changing environments. We say that ..."
Abstract - Cited by 548 (24 self) - Add to MetaCart
that Emerald has fine-grained mobility because Emerald objects can be small data objects as well as process objects. Fine-grained mobility allows us to apply mobility in new ways but presents imple-mentation problems as well. This paper discusses the benefits of tine-grained mobility, the Emerald language

JFlow: Practical Mostly-Static Information Flow Control

by Andrew C. Myers - In Proc. 26th ACM Symp. on Principles of Programming Languages (POPL , 1999
"... A promising technique for protecting privacy and integrity of sensitive data is to statically check information flow within programs that manipulate the data. While previous work has proposed programming language extensions to allow this static checking, the resulting languages are too restrictive f ..."
Abstract - Cited by 579 (32 self) - Add to MetaCart
for practical use and have not been implemented. In this paper, we describe the new language JFlow, an extension to the Java language that adds statically-checked information flow annotations. JFlow provides several new features that make information flow checking more flexible and convenient than in previous

Laminar: Practical Fine-Grained Decentralized Information Flow Control

by Indrajit Roy, Donald E. Porter, Michael D. Bond, Kathryn S. McKinley, Emmett Witchel , 2009
"... Decentralized information flow control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity hardware can be broadly categorized into two types: language-level and operating system-level DIFC. Language level solutio ..."
Abstract - Cited by 47 (8 self) - Add to MetaCart
solutions provide no guarantees against security violations on system resources, like files and sockets. Operating system solutions can mediate accesses to system resources, but are inefficient at monitoring the flow of information through fine-grained program data structures. This paper describes Laminar

Language-Based Information-Flow Security

by Andrei Sabelfeld , Andrew C. Myers - IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS , 2003
"... Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker throug ..."
Abstract - Cited by 821 (57 self) - Add to MetaCart
through the attacker's observations of system output; this policy regulates information flow.

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

by William Enck, Landon P. Cox, Jaeyeon Jung, et al. , 2010
"... Today’s smartphone operating systems fail to provide users with adequate control and visibility into how third-party applications use their private data. We present TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system for the popular Android platform that can simultaneous ..."
Abstract - Cited by 498 (23 self) - Add to MetaCart
Today’s smartphone operating systems fail to provide users with adequate control and visibility into how third-party applications use their private data. We present TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system for the popular Android platform that can

Abstract Laminar: Practical Fine-Grained Decentralized Information Flow Control

by Indrajit Roy, Donald E. Porter, Michael D. Bond, Kathryn S. Mckinley, Emmett Witchel
"... Decentralized information flow control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity hardware can be broadly categorized into two types: language-level and operating system-level DIFC. Language level solutio ..."
Abstract - Add to MetaCart
solutions provide no guarantees against security violations on system resources, like files and sockets. Operating system solutions can mediate accesses to system resources, but are inefficient at monitoring the flow of information through fine-grained program data structures. This paper describes Laminar

A Lattice Model of Secure Information Flow

by Dorothy E. Denning , 1976
"... This paper investigates mechanisms that guarantee secure information flow in a computer system. These mechanisms are examined within a mathematical framework suitable for formulating the requirements of secure information flow among security classes. The central component of the model is a lattice s ..."
Abstract - Cited by 697 (2 self) - Add to MetaCart
This paper investigates mechanisms that guarantee secure information flow in a computer system. These mechanisms are examined within a mathematical framework suitable for formulating the requirements of secure information flow among security classes. The central component of the model is a lattice

Certification of Programs for Secure Information Flow

by Dorothy E. Denning, Peter J. Denning , 1977
"... This paper presents a certification mechanism for verifying the secure flow of information through a program. Because it exploits the properties of a lattice structure among security classes, the procedure is sufficiently simple that it can easily be included in the analysis phase of most existing c ..."
Abstract - Cited by 488 (1 self) - Add to MetaCart
This paper presents a certification mechanism for verifying the secure flow of information through a program. Because it exploits the properties of a lattice structure among security classes, the procedure is sufficiently simple that it can easily be included in the analysis phase of most existing

Controlled and automatic human information processing

by Walter Schneider, Richard M. Shiffrin - I. Detection, search, and attention. Psychological Review , 1977
"... A two-process theory of human information processing is proposed and applied to detection, search, and attention phenomena. Automatic processing is activa-tion of a learned sequence of elements in long-term memory that is initiated by appropriate inputs and then proceeds automatically—without subjec ..."
Abstract - Cited by 841 (15 self) - Add to MetaCart
), and is controlled by the subject. A series of studies using both reaction time and accuracy measures is presented, which traces these concepts in the form of automatic detection and controlled, search through the areas of detection, search, and attention. Results in these areas are shown to arise from common
Results 1 - 10 of 940,032