A. Askarov and A. Sabelfeld, Tight Enforcement of Information-Release Policies for Dynamic Languages, 2009 22nd IEEE Computer Security Foundations Symposium, 2009.
DOI : 10.1109/CSF.2009.22

T. H. Austin and C. Flanagan, Efficient purely-dynamic information flow analysis, Proc. ACM Workshop on Programming Languages and Analysis for Security (PLAS), 2009.
DOI : 10.1145/1667209.1667223

T. H. Austin and C. Flanagan, Permissive dynamic information flow analysis, Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, PLAS '10, 2010.
DOI : 10.1145/1814217.1814220

G. Boudol, Secure information flow as a safety property In Formal Aspects in Security and Trust, Third International Workshop (FAST'08), pp.20-34, 2009.

A. Chudnov and D. A. Naumann, Information Flow Monitor Inlining, 2010 23rd IEEE Computer Security Foundations Symposium, 2010.
DOI : 10.1109/CSF.2010.21

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

E. S. Cohen, Information transmission in sequential programs, Foundations of Secure Computation, pp.297-335, 1978.

D. Crockford, Making javascript safe for advertising. adsafe.org, 2009.

D. E. Denning and P. J. Denning, Certification of programs for secure information flow, Communications of the ACM, vol.20, issue.7, pp.504-513, 1977.
DOI : 10.1145/359636.359712

B. Eich, Flowsafe: Information flow security for the browser. https://wiki. mozilla.org/FlowSafe, 2009.

U. Erlingsson, The inlined reference monitor approach to security policy enforcement, 2004.

J. S. Fenton, Memoryless subsystems, The Computer Journal, vol.17, issue.2, pp.143-147, 1974.
DOI : 10.1093/comjnl/17.2.143

URL : http://comjnl.oxfordjournals.org/cgi/content/short/17/2/143

J. A. Goguen and J. Meseguer, Security Policies and Security Models, 1982 IEEE Symposium on Security and Privacy, pp.11-20, 1982.
DOI : 10.1109/SP.1982.10014

K. W. Hamlen, G. Morrisett, and F. B. Schneider, Computability classes for enforcement mechanisms, ACM Transactions on Programming Languages and Systems, vol.28, issue.1, pp.175-205, 2006.
DOI : 10.1145/1111596.1111601

Y. Huang, F. Yu, C. Hang, C. Tsai, D. Lee et al., Securing web application code by static analysis and runtime protection, Proceedings of the 13th conference on World Wide Web , WWW '04, pp.40-52, 2004.
DOI : 10.1145/988672.988679

D. Kozen, Language-Based Security, Proc. Mathematical Foundations of Computer Science, pp.284-298, 1999.
DOI : 10.1007/3-540-48340-3_26

L. Guernic, Automaton-based Confidentiality Monitoring of Concurrent Programs, 20th IEEE Computer Security Foundations Symposium (CSF'07), pp.218-232, 2007.
DOI : 10.1109/CSF.2007.10

URL : https://hal.archives-ouvertes.fr/inria-00161019

G. , L. Guernic, A. Banerjee, T. Jensen, and D. Schmidt, Automata-based confidentiality monitoring, Proc. Asian Computing Science Conference (ASIAN'06), 2006.
URL : https://hal.archives-ouvertes.fr/inria-00130210

X. Leroy, Java bytecode verification: algorithms and formalizations, Journal of Automated Reasoning, vol.30, issue.3/4, pp.235-269, 2003.
DOI : 10.1023/A:1025055424017

URL : https://hal.archives-ouvertes.fr/hal-01499939

J. Ligatti, L. Bauer, and D. Walker, Edit automata: enforcement mechanisms for run-time security policies, International Journal of Information Security, vol.3, issue.1-2, pp.2-16, 2005.
DOI : 10.1007/s10207-004-0046-8

S. Maffeis, J. Mitchell, and A. Taly, Isolating JavaScript with Filters, Rewriting, and Wrappers, Proc. of ESORICS'09, 2009.
DOI : 10.1007/978-3-540-31987-0_28

S. Maffeis and A. Taly, Language-Based Isolation of Untrusted JavaScript, 2009 22nd IEEE Computer Security Foundations Symposium, 2009.
DOI : 10.1109/CSF.2009.11

J. Magazinius, A. Askarov, and A. Sabelfeld, A lattice-based approach to mashup security, Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS '10, 2010.
DOI : 10.1145/1755688.1755691

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

J. Magazinius, A. Russo, and A. Sabelfeld, Inlined security monitor performance test, 2010.

S. Mccamant and M. D. Ernst, Quantitative information flow as network flow capacity, Proc. ACM SIGPLAN Conference on Programming language Design and Implementation, pp.193-205, 2008.

J. Mclean, A general theory of composition for trace sets closed under selective interleaving functions, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy, pp.79-93, 1994.
DOI : 10.1109/RISP.1994.296590

M. Miller, M. Samuel, B. Laurie, I. Awad, and M. Stay, Caja: Safe active content in sanitized javascript, 2008.

A. C. Myers, L. Zheng, S. Zdancewic, S. Chong, and N. Nystrom, Jif: Java information flow. Software release, 2001.

C. Reis, J. Dunagan, H. J. Wang, O. Dubrovsky, and S. Esmeir, BrowserShield, ACM Transactions on the Web, vol.1, issue.3, p.11, 2007.
DOI : 10.1145/1281480.1281481

A. Russo and A. Sabelfeld, Securing Timeout Instructions in Web Applications, 2009 22nd IEEE Computer Security Foundations Symposium, 2009.
DOI : 10.1109/CSF.2009.16

A. Russo and A. Sabelfeld, Dynamic vs. Static Flow-Sensitive Security Analysis, 2010 23rd IEEE Computer Security Foundations Symposium, 2010.
DOI : 10.1109/CSF.2010.20

A. Russo, A. Sabelfeld, and A. Chudnov, Tracking Information Flow in Dynamic Tree Structures, Proc. European Symp. on Research in Computer Security, 2009.
DOI : 10.1007/3-540-48294-6_20

A. Sabelfeld and A. C. Myers, Language-based information-flow security, IEEE Journal on Selected Areas in Communications, vol.21, issue.1, pp.5-19, 2003.
DOI : 10.1109/JSAC.2002.806121

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

A. Sabelfeld and A. Russo, From Dynamic to Static and Back: Riding the Roller Coaster of Information-Flow Control Research, Proc. Andrei Ershov International Conference on Perspectives of System Informatics, 2009.
DOI : 10.1007/978-3-642-11486-1_30

F. B. Schneider, Enforceable security policies, ACM Transactions on Information and System Security, vol.3, issue.1, pp.30-50, 2000.
DOI : 10.1145/353323.353382

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

F. B. Schneider, G. Morrisett, and R. Harper, A Language-Based Approach to Security, Informatics?10 Years Back, 10 Years Ahead, pp.86-101, 2000.
DOI : 10.1007/3-540-44577-3_6

P. Shroff, S. Smith, and M. Thober, Dynamic Dependency Monitoring to Secure Information Flow, 20th IEEE Computer Security Foundations Symposium (CSF'07), pp.203-217, 2007.
DOI : 10.1109/CSF.2007.20

V. Simonet, The Flow Caml system. Software release. Located at http://cristal. inria.fr/ ? simonet, 2003.
URL : https://hal.archives-ouvertes.fr/inria-00069896

P. H. Systems, Sparkada examinar. Software release

T. Terauchi and A. Aiken, Secure Information Flow as a Safety Problem, Proc. Symp. on Static Analysis, pp.352-367, 2005.
DOI : 10.1007/11547662_24

V. N. Venkatakrishnan, W. Xu, D. C. Duvarney, and R. Sekar, Provably Correct Runtime Enforcement of Non-interference Properties, Proc. International Conference on Information and Communications Security, pp.332-351, 2006.
DOI : 10.1007/11935308_24

P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel et al., Cross-site scripting prevention with dynamic data tainting and static analysis, Proc. Network and Distributed System Security Symposium, 2007.

D. Volpano, Safety versus Secrecy, Proc. Symp. on Static Analysis, pp.303-311, 1999.
DOI : 10.1007/3-540-48294-6_20

D. Volpano, G. Smith, and C. Irvine, A sound type system for secure flow analysis, Journal of Computer Security, vol.4, issue.2-3, pp.167-187, 1996.
DOI : 10.3233/JCS-1996-42-304

D. S. Wallach, A. W. Appel, and E. W. Felten, SAFKASI: a security mechanism for language-based systems, ACM Transactions on Software Engineering and Methodology, vol.9, issue.4, pp.341-378, 2000.
DOI : 10.1145/363516.363520