Abstract. This paper addresses the problem of static checking of programs to ensure that they satisfy confidentiality policies in the presence of dynamic access control in the for...
Although static systems for information flow security are well-studied, few works address runtime information flow monitoring. Runtime information flow control offers distinct adv...
Decentralized information flow control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity ...
Indrajit Roy, Donald E. Porter, Michael D. Bond, K...
We have implemented an information flow framework for the Java Virtual Machine that combines static and dynamic techniques to capture not only explicit flows, but also implicit ...
—This paper seeks to answer fundamental questions about trade-offs between static and dynamic security analysis. It has been previously shown that flow-sensitive static informat...