Sciweavers

CSFW
2011
IEEE
14 years 7 months ago
Modular Protections against Non-control Data Attacks
—This paper introduces YARRA, a conservative extension to C to protect applications from non-control data attacks. YARRA programmers specify their data integrity requirements by ...
Cole Schlesinger, Karthik Pattabiraman, Nikhil Swa...
CSFW
2011
IEEE
14 years 7 months ago
The Complexity of Quantitative Information Flow Problems
—In this paper, we investigate the computational complexity of quantitative information flow (QIF) problems. Information-theoretic quantitative relaxations of noninterference (b...
Pavol Cerný, Krishnendu Chatterjee, Thomas ...
CSFW
2011
IEEE
14 years 7 months ago
Dynamic Enforcement of Knowledge-Based Security Policies
—This paper explores the idea of knowledge-based security policies, which are used to decide whether to answer queries over secret data based on an estimation of the querier’s ...
Piotr Mardziel, Stephen Magill, Michael Hicks, Mud...
CSFW
2011
IEEE
14 years 7 months ago
Formal Analysis of Protocols Based on TPM State Registers
—We present a Horn-clause-based framework for analysing security protocols that use platform configuration registers (PCRs), which are registers for maintaining state inside the...
Stéphanie Delaune, Steve Kremer, Mark Dermo...
CSFW
2011
IEEE
14 years 7 months ago
Local Memory via Layout Randomization
—Randomization is used in computer security as a tool to introduce unpredictability into the software infrastructure. In this paper, we study the use of randomization to achieve ...
Radha Jagadeesan, Corin Pitcher, Julian Rathke, Ja...