Tools
Sorted by:
Try your query at:
 |
 |
 |
 |
 |
 |
Results 1 - 10
of
1,043
Integrating SELinux with Security-typed Languages
- ANNUAL SECURITY ENHANCED LINUX SYMPOSIUM
, 2007
"... Traditionally, operating systems have enforced MAC and information flow policies with minimal dependence on application programs. However, there are many cases where systems depend on user-level programs to enforce information flows. Previous approaches to handling this problem, such as privilege-se ..."
Abstract
-
Cited by 4 (1 self)
- Add to MetaCart
-separation of application components or assuming trust in application information flow enforcement, are prone to error and cumbersome to manage. On the other hand, recent advances in the area of security-typed languages have enabled the development of realistic applications with formally and automatically verified
Abstract Jifclipse: Development Tools for Security-Typed Languages
"... Security-typed languages such as Jif require the programmer to label variables with information flow security policies as part of application development. The compiler then flags errors wherever information leaks may occur. Resolving these information leaks is a critical task in security-typed langu ..."
Abstract
- Add to MetaCart
Security-typed languages such as Jif require the programmer to label variables with information flow security policies as part of application development. The compiler then flags errors wherever information leaks may occur. Resolving these information leaks is a critical task in security-typed
Abstract Jifclipse: Development Tools for Security-Typed Languages
"... Security-typed languages such as Jif require the programmer to label variables with information flow security policies as part of application development. The compiler then flags errors wherever information leaks may occur. Resolving these information leaks is a critical task in security-typed langu ..."
Abstract
- Add to MetaCart
Security-typed languages such as Jif require the programmer to label variables with information flow security policies as part of application development. The compiler then flags errors wherever information leaks may occur. Resolving these information leaks is a critical task in security-typed
Channels: Runtime System Infrastructure for Security-typed Languages
"... Security-typed languages (STLs) are powerful tools for provably implementing policy in applications. The programmer maps policy onto programs by annotating types with information flow labels, and the STL compiler guarantees that data always obeys its label as it flows within an application. As data ..."
Abstract
-
Cited by 4 (1 self)
- Add to MetaCart
Security-typed languages (STLs) are powerful tools for provably implementing policy in applications. The programmer maps policy onto programs by annotating types with information flow labels, and the STL compiler guarantees that data always obeys its label as it flows within an application. As data
Abstract Declassification with Cryptographic Functions in a Security-Typed Language
"... Security-typed languages are powerful tools for provably enforcing noninterference. Real computing systems, however, often intentionally violate noninterference by deliberately releasing (or declassifying) sensitive information. These systems frequently trust cryptographic functions to achieve decla ..."
Abstract
- Add to MetaCart
Security-typed languages are powerful tools for provably enforcing noninterference. Real computing systems, however, often intentionally violate noninterference by deliberately releasing (or declassifying) sensitive information. These systems frequently trust cryptographic functions to achieve
Security-typed languages for implementation of cryptographic protocols: A case study
- In Proc. European Symp. on Research in Computer Security, volume 3679 of LNCS
, 2005
"... Abstract. Security protocols are critical for protecting modern communication infrastructures and are therefore subject to thorough analysis. However practical implementations of these protocols lack the same level of attention and thus may be more exposed to attacks. This paper discusses security a ..."
Abstract
-
Cited by 30 (5 self)
- Add to MetaCart
assurance provided by security-typed languages when implementing cryptographic protocols. Our results are based on a case study using Jif, a Java-based security-typed language, for implementing a non-trivial cryptographic protocol that allows playing online poker without a trusted third party. The case
Managing policy updates in security-typed languages
- In CSFW’06: the 19th IEEE Computer Security Foundations Workshop
, 2006
"... This paper presents RX, a new security-typed programming language with features intended to make the management of information-flow policies more practical. Security labels in RX, in contrast to prior approaches, are defined in terms of owned roles, as found in the RT rolebased trust-management fram ..."
Abstract
-
Cited by 27 (6 self)
- Add to MetaCart
This paper presents RX, a new security-typed programming language with features intended to make the management of information-flow policies more practical. Security labels in RX, in contrast to prior approaches, are defined in terms of owned roles, as found in the RT rolebased trust
Abstract Designing a Security-typed Language with
"... This paper presents the design of a programming language that supports information-flow security policies and certificate-based declassification. The language uses monadic information-flow annotations in the style of Abadi et al.’s dependency core calculus, and has an effects system and fixpoints. T ..."
Abstract
- Add to MetaCart
. The type system conflates security concepts such as labels, principals, and privileges with abstract types, allowing a uniform treatment of lattice structures throughout the language. Myers ’ and Liskov’s decentralized label model is encoded using type constructors that describe confidentiality
From Languages to Systems: Understanding Practical Application Development in Security-typed Languages
- In Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC 2006
, 2006
"... Security-typed languages are an evolving tool for implementing systems with provable security guarantees. However, to date, these tools have only been used to build simple “toy ” programs. As described in this paper, we have developed the first real-world, security-typed application: a secure email ..."
Abstract
-
Cited by 17 (5 self)
- Add to MetaCart
Security-typed languages are an evolving tool for implementing systems with provable security guarantees. However, to date, these tools have only been used to build simple “toy ” programs. As described in this paper, we have developed the first real-world, security-typed application: a secure email
Trusted Declassification -- High-level policy for a security-typed language
, 2006
"... Security-typed languages promise to be a powerful tool with which provably secure software applications may be developed. Programs written in these languages enforce a strong, global policy of noninterference which ensures that high-security data will not be observable on low-security channels. Beca ..."
Abstract
-
Cited by 31 (13 self)
- Add to MetaCart
Security-typed languages promise to be a powerful tool with which provably secure software applications may be developed. Programs written in these languages enforce a strong, global policy of noninterference which ensures that high-security data will not be observable on low-security channels
Results 1 - 10
of
1,043
