NU Programming Languages Seminar
Wednesday, October 16, 2002  
206 Egan Hall, Northeastern University
    (building 44 on http://www.campusmap.neu.edu/)

Andrei Sabelfeld

Language-Based Information-Flow Security

Current standard security practices do not provide substantial
assurance that the end-to-end behavior of a computing system
satisfies important security policies such as confidentiality.  An
end-to-end confidentiality policy might assert that secret input
data cannot be inferred by an attacker through the attacker's
observations of system output; this policy regulates information

Conventional security mechanisms such as access control and
encryption do not directly address the enforcement of
information-flow policies. Recently, a promising new approach has
been developed: the use of programming-language techniques for
specifying and enforcing information-flow policies.  In this article
we survey the past three decades of research on information-flow
security, particularly focusing on work that uses static program
analysis to enforce information-flow policies.  We give a structured
view of recent work in the area and identify some important open

Paper available via

