References

  1. Ana Almeida Matos & Gérard Boudol (2009): On Declassification and the Non-disclosure Policy. J. Comput. Secur. 17(5), pp. 549–597, doi:10.3233/JCS-2009-0355.
  2. Deepak Alur, Dan Malks, John Crupi, Grady Booch & Martin Fowler (2003): Core J2EE Patterns (Core Design Series): Best Practices and Design Strategies, 2 edition. Sun Microsystems, Inc., Mountain View, CA, USA.
  3. Gregory R. Andrews & Richard P. Reitman (1980): An Axiomatic Approach to Information Flow in Programs. ACM Trans. Program. Lang. Syst. 2(1), pp. 56–76, doi:10.1145/357084.357088.
  4. Andrew W. Appel (1998): SSA is Functional Programming. SIGPLAN Not. 33(4), pp. 17–20, doi:10.1145/278283.278285.
  5. Thomas H. Austin & Cormac Flanagan (2009): Efficient Purely-dynamic Information Flow Analysis. In: Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security, PLAS '09. ACM, New York, NY, USA, pp. 113–124, doi:10.1145/1554339.1554353.
  6. Thomas H. Austin & Cormac Flanagan (2010): Permissive Dynamic Information Flow Analysis. In: Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, pp. 3:1–3:12, doi:10.1145/1814217.1814220.
  7. Luís Caires, Jorge A. Pérez, João Costa Seco, Hugo Torres Vieira & Lúcio Ferrão (2011): Type-based Access Control in Data-centric Systems. In: Proceedings of the 20th European Conference on Programming Languages and Systems: Part of the Joint European Conferences on Theory and Practice of Software, ESOP'11/ETAPS'11. Springer-Verlag, Berlin, Heidelberg, pp. 136–155, doi:10.1006/inco.1994.1093.
  8. D. Chandra & M. Franz (2007): Fine-Grained Information Flow Analysis and Enforcement in a Java Virtual Machine. In: Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), pp. 463–475, doi:10.1109/ACSAC.2007.37.
  9. Robert Daigneau (2011): Service Design Patterns: Fundamental Design Solutions for SOAP/WSDL and RESTful Web Services, 1 edition. Addison-Wesley Professional.
  10. Dorothy E. Denning (1976): A Lattice Model of Secure Information Flow. Commun. ACM 19(5), pp. 236–243, doi:10.1145/360051.360056.
  11. Dorothy E. Denning & Peter J. Denning (1977): Certification of Programs for Secure Information Flow. Commun. ACM 20(7), pp. 504–513, doi:10.1145/359636.359712.
  12. William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel & Anmol N. Sheth (2014): TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. Communications of the ACM, doi:10.1145/2494522.
  13. Úlfar Erlingsson & Fred B. Schneider (2000): SASI Enforcement of Security Policies: A Retrospective. In: Proceedings of the 1999 Workshop on New Security Paradigms, NSPW '99. ACM, New York, NY, USA, pp. 87–95, doi:10.1145/335169.335201. Available at http://doi.acm.org/10.1145/335169.335201.
  14. Paulo Jorge Abreu Duarte Ferreira (2012): MSc Dissertation. Information flow analysis using data-dependent logical propositions.. Faculdade de Ciências e Tecnologia, Universidade Nova de Lisboa.
  15. Jürgen Graf, Martin Hecker & Martin Mohr (2013): Using JOANA for Information Flow Control in Java Programs - A Practical Guide. In: Proceedings of the 6th Working Conference on Programming Languages (ATPS'13).
  16. Luísa Lourenço & Luís Caires (2015): Dependent Information Flow Types. SIGPLAN Not. 50(1), pp. 317–328, doi:10.1145/2775051.2676994.
  17. Maria Luísa Sobreira Gouveia Lourenço (2016): A type system for value-dependent information flow analysis.
  18. Andrew C. Myers & Barbara Liskov (2003): Protecting privacy using the decentralized label model. In: Foundations of Intrusion Tolerant Systems, OASIS 2003, pp. 89–116, doi:10.1145/363516.363526.
  19. Andrew C. Myers, Lantian Zheng, Steve Zdancewic, Stephen Chong & Nathaniel Nystrom (2006): Jif 3.0: Java information flow. Available at http://www.cs.cornell.edu/jif.
  20. Andrei Sabelfeld & Andrew C. Myers (2003): Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21(1), pp. 5–19, doi:10.1109/JSAC.2002.806121.
  21. Fred Schneider, Greg Morrisett & Robert Harper (2001): A Language-Based Approach to Security.
  22. V. Simonet (2003): The Flow Caml System (version 1.00): Documentation and user's manual. Available at http://www.normalesup.org/~simonet/soft/flowcaml/manual/.
  23. R Vallée-Rai, P Co & E Gagnon (1999): Soot-a Java bytecode optimization framework. CASCON.
  24. Stephan Arthur Zdancewic (2002): Programming Languages for Information Security, Ithaca, NY, USA. AAI3063751.
  25. Steve Zdancewic (2004): Challenges for information-flow security. Proceedings of the 1st International Workshop on the Programming Language Interference and Dependence (PLID'04).
  26. Jianzhou Zhao, Santosh Nagarakatte, Milo M.K. Martin & Steve Zdancewic (2013): Formal Verification of SSA-based Optimizations for LLVM. SIGPLAN Not. 48(6), pp. 175–186, doi:10.1145/2499370.2462164.

Comments and questions to: eptcs@eptcs.org
For website issues: webmaster@eptcs.org