If we classify the variables of a program into various security levels, then a secure information flow analysis aims to verify statically that information in the program can flo...
We present a new approach to information flow control (IFC), ploits counterexample-guided abstraction refinement (CEGAR) technology. The CEGAR process is built on top of our existi...
This paper presents an embedded security sublanguage for enforcing information-flow policies in the standard Haskell programming language. The sublanguage provides useful informa...
The continuing frequency and seriousness of security incidents underlines the importance of application security. Decentralized information flow control (DIFC), a promising tool ...
Existing security models require that information of a given security level be prevented from “leaking” into lower-security information. High-security applications must be dem...