User Tools

Site Tools


readinggroup:spring09

Spring 2009

  • April 13 Information Flow Analysis
      • Contributions:
        1. Addressed problems with information flow analysis and intermediary output.
        2. New model for analyzing these types of applications.
      • Questions:
        1. This model is deterministic. Would non-determinism break the model?
      • Contributions:
        1. Approached XSS attacks from the client-side (previous XSS defenses have focused on the server side).
        2. Applied information flow techniques to XSS prevention (though data tainting seems to have been used here before).
        3. Heavy-duty, real-world information flow analysis case.
      • Questions:
        1. Is this approach more broadly applicable to client-side information flow analysis?
readinggroup/spring09.txt · Last modified: 2014/03/03 19:32 by cschuster