User Tools

Site Tools


readinggroup:spring09

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

readinggroup:spring09 [2014/03/03 19:32] (current)
cschuster Moved from readinggroup
Line 1: Line 1:
 +====Spring 2009====
  
 +  * **April 13 Information Flow Analysis**
 +    *[[http://​www.cs.chalmers.se/​~andrei/​esorics08.pdf |Termination-Insensitive Noninterference Leaks More Than Just a Bit]]. Aslan Askarov et al. ESORICS 2008.
 +      * //​Contributions//:​
 +        - Addressed problems with information flow analysis and intermediary output.
 +        - New model for analyzing these types of applications.
 +      * //​Questions//:​
 +        - This model is deterministic. ​ Would non-determinism break the model?
 +    *[[http://​www.csd.uoc.gr/​~hy558/​papers/​xss_prevention.pdf | Cross site scripting prevention with dynamic data tainting and static analysis]]. Vogt et al. 2007.
 +      * Contributions:​
 +        - Approached XSS attacks from the client-side (previous XSS defenses have focused on the server side).
 +        - Applied information flow techniques to XSS prevention (though data tainting seems to have been used here before).
 +        - Heavy-duty, real-world information flow analysis case.
 +      * Questions:
 +        - Is this approach more broadly applicable to client-side information flow analysis?
 +
 +  * **April 16**
 +    *[[http://​www.springerlink.com/​content/​8tkwabbf6q7dbtb3/​fulltext.pdf |Aspect-Oriented Programming]]. Gregor Kiczales et al.  ACM Comput. Surv. 28(4es): 154 (1996).
 +  * **April 23**
 +    *[[http://​lambda-the-ultimate.org/​node/​3278|A Generic Type-and-Effect System]]. Marino and Millstein. TLDI 2009.
 +  * **April 30**
 +    *[[http://​www.cs.cornell.edu/​andru/​papers/​popl99/​popl99.pdf|JFlow:​ Practical Mostly-Static Information Flow Control]]. Andrew Myers. POPL 1999.
 +  * **May 7** tba
 +  * **May 14** tba
 +  * **May 21** tba
 +  * **May 28** tba
 +  * **June 4** tba
 +  * **June 11** tba
readinggroup/spring09.txt · Last modified: 2014/03/03 19:32 by cschuster