With the ubiquitous deployment of large scale networks more and more complex human interactions are supported by computer applications. This poses new challenges on the expressive...
This paper studies the problem of securing information release in dynamic languages. We propose (i) an intuitive framework for information-release policies expressing both what ca...
In traditional information-flow type systems, the security policy is often formalized as noninterference properties. However, noninterference alone is too strong to express securi...
Java is typically compiled into an intermediate language, JVML, that is interpreted by the Java Virtual Machine. Because mobile JVML code is not always trusted, a bytecode verifi...
Software attacks often subvert the intended data-flow in a vulnerable program. For example, attackers exploit buffer overflows and format string vulnerabilities to write data to u...