Results 1 - 10 of 678

4Practical Fine-Grained Information Flow Control Using Laminar

by Indrajit Roy, Hewlett Packard Labs, Kathryn S. Mckinley
"... Decentralized Information Flow Control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity hardware can be broadly categorized into two types: language-level and operating system-level DIFC. Language solutions pro ..."
Abstract - Add to MetaCart
provide no guarantees against security violations on system resources such as files and sockets. Operating system solutions mediate accesses to system resources but are either inefficient or imprecise at monitoring the flow of information through fine-grained program data structures. This article

Jflow: Practical mostly-static information flow control.

by Andrew C Myers - In Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, , 1999
"... Abstract A promising technique for protecting privacy and integrity of sensitive data is to statically check information flow within programs that manipulate the data. While previous work has proposed programming language extensions to allow this static checking, the resulting languages are too res ..."
Abstract - Cited by 584 (33 self) - Add to MetaCart
restrictive for practical use and have not been implemented. In this paper, we describe the new language JFlow, an extension to the Java language that adds statically-checked information flow annotations. JFlow provides several new features that make information flow checking more flexible and convenient than

Laminar: Practical Fine-Grained Decentralized Information Flow Control

by Indrajit Roy, Donald E. Porter, Michael D. Bond, Kathryn S. McKinley, Emmett Witchel , 2009
"... Decentralized information flow control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity hardware can be broadly categorized into two types: language-level and operating system-level DIFC. Language level solutio ..."
Abstract - Cited by 50 (6 self) - Add to MetaCart
solutions provide no guarantees against security violations on system resources, like files and sockets. Operating system solutions can mediate accesses to system resources, but are inefficient at monitoring the flow of information through fine-grained program data structures. This paper describes Laminar

Abstract Laminar: Practical Fine-Grained Decentralized Information Flow Control

by Indrajit Roy, Donald E. Porter, Michael D. Bond, Kathryn S. Mckinley, Emmett Witchel
"... Decentralized information flow control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity hardware can be broadly categorized into two types: language-level and operating system-level DIFC. Language level solutio ..."
Abstract - Add to MetaCart
solutions provide no guarantees against security violations on system resources, like files and sockets. Operating system solutions can mediate accesses to system resources, but are inefficient at monitoring the flow of information through fine-grained program data structures. This paper describes Laminar

A Control-Theoretic Approach to Flow Control

by Srinivasan Keshav , 1991
"... This paper presents a control-theoretic approach to reactive flow control in networks that do not reserve bandwidth. We assume a round-robin-like queue service discipline in the output queues of the network’s switches, and propose deterministic and stochastic models for a single conversation in a ne ..."
Abstract - Cited by 454 (8 self) - Add to MetaCart
network of such switches. These models motivate the Packet-Pair rate probing technique, and a provably stable rate-based flow control scheme. A Kalman state estimator is derived from discrete-time state space analysis, but there are difficulties in using the estimator in practice. These difficulties

Myrinet: A Gigabit-per-Second Local Area Network

by Nanette J. Boden, Danny Cohen, Robert E. Felderman, Alan E. Kulawik, Charles L. Seitz, Jakov N. Seizovic, Wen-king Su - IEEE Micro , 1995
"... Abstract. Myrinet is a new type of local-area network (LAN) based on the technology used for packet communication and switching within "massivelyparallel processors " (MPPs). Think of Myrinet as an MPP message-passing network that can span campus dimensions, rather than as a wide-a ..."
Abstract - Cited by 1011 (0 self) - Add to MetaCart
such as Ethernet and FDDI, it is helpful to start with Myrinet's genealogy. Myrinet is rooted in the results of two ARPA-sponsored research projects, the Caltech Mosaic, an experimental, fine-grain multicomputer [1], and the USC Information Sciences Institute (USC/ISI) ATOMIC LAN [2, 3], which was built using

Manageable fine-grained information flow

by Petros Efstathopoulos, Eddie Kohler - In Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems , 2008
"... The continuing frequency and seriousness of security incidents underlines the importance of application security. Decentralized information flow control (DIFC), a promising tool for improving application security, gives application developers fine-grained control over security policy and privilege m ..."
Abstract - Cited by 31 (2 self) - Add to MetaCart
The continuing frequency and seriousness of security incidents underlines the importance of application security. Decentralized information flow control (DIFC), a promising tool for improving application security, gives application developers fine-grained control over security policy and privilege

A Decentralized Model for Information Flow Control

by Andrew C. Myers, Barbara Liskov - In Proc. 17th ACM Symp. on Operating System Principles (SOSP , 1997
"... This paper presents a new model for controlling information flow in systems with mutual distrust and decentralized authority. The model allows users to share information with distrusted code (e.g., downloaded applets), yet still control how that code disseminates the shared information to others. Th ..."
Abstract - Cited by 266 (23 self) - Add to MetaCart
. The model improves on existing multilevel security models by allowing users to declassify information in a decentralized way, and by improving support for fine-grained data sharing. The paper also shows how static program analysis can be used to certify proper information flows in this model and to avoid

Protecting privacy using the decentralized label model

by Andrew C. Myers, Barbara Liskov - ACM Transactions on Software Engineering and Methodology , 2000
"... Stronger protection is needed for the confidentiality and integrity of data, because programs containing untrusted code are the rule rather than the exception. Information flow control allows the enforcement of end-to-end security policies, but has been difficult to put into practice. This article d ..."
Abstract - Cited by 288 (27 self) - Add to MetaCart
for fine-grained data sharing. It supports static program analysis of information flow, so that programs can be certified to permit only acceptable information flows, while largely avoiding the overhead of run-time checking. The article introduces the language Jif, an extension to Java that provides static

Fine-grained disclosure control for app ecosystems

by Gabriel M. Bender, Lucja Kot, Johannes Gehrke, Christoph Koch , 2013
"... The modern computing landscape contains an increasing number of app ecosystems, where users store personal data on platforms such as Facebook or smartphones. APIs enable third-party applications (apps) to utilize that data. A key concern associated with app ecosystems is the confidentiality of user ..."
Abstract - Cited by 1 (1 self) - Add to MetaCart
of security views that is needed to answer it, and these labels drive policy decisions. We explain how our disclosure model can be used in prac-tice and provide algorithms for labeling conjunctive queries for the case of single-atom security views. We show that our approach is useful by demonstrating
Results 1 - 10 of 678