skip to content
UC Santa Cruz
You are here:
April 13 Information Flow Analysis
Termination-Insensitive Noninterference Leaks More Than Just a Bit
. Aslan Askarov et al. ESORICS 2008.
Addressed problems with information flow analysis and intermediary output.
New model for analyzing these types of applications.
This model is deterministic. Would non-determinism break the model?
Cross site scripting prevention with dynamic data tainting and static analysis
. Vogt et al. 2007.
Approached XSS attacks from the client-side (previous XSS defenses have focused on the server side).
Applied information flow techniques to XSS prevention (though data tainting seems to have been used here before).
Heavy-duty, real-world information flow analysis case.
Is this approach more broadly applicable to client-side information flow analysis?
. Gregor Kiczales et al. ACM Comput. Surv. 28(4es): 154 (1996).
A Generic Type-and-Effect System
. Marino and Millstein. TLDI 2009.
JFlow: Practical Mostly-Static Information Flow Control
. Andrew Myers. POPL 1999.
· Last modified: 2014/03/03 19:32 by
Back to top