Tight Enforcement of Information-Release Policies for Dynamic Languages, 2009 22nd IEEE Computer Security Foundations Symposium, 2009. ,
DOI : 10.1109/CSF.2009.22
Efficient purely-dynamic information flow analysis, Proc. ACM Workshop on Programming Languages and Analysis for Security (PLAS), 2009. ,
DOI : 10.1145/1667209.1667223
Permissive dynamic information flow analysis, Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, PLAS '10, 2010. ,
DOI : 10.1145/1814217.1814220
Secure information flow as a safety property In Formal Aspects in Security and Trust, Third International Workshop (FAST'08), pp.20-34, 2009. ,
Information Flow Monitor Inlining, 2010 23rd IEEE Computer Security Foundations Symposium, 2010. ,
DOI : 10.1109/CSF.2010.21
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.153.6508
Information transmission in sequential programs, Foundations of Secure Computation, pp.297-335, 1978. ,
Making javascript safe for advertising. adsafe.org, 2009. ,
Certification of programs for secure information flow, Communications of the ACM, vol.20, issue.7, pp.504-513, 1977. ,
DOI : 10.1145/359636.359712
Flowsafe: Information flow security for the browser. https://wiki. mozilla.org/FlowSafe, 2009. ,
The inlined reference monitor approach to security policy enforcement, 2004. ,
Memoryless subsystems, The Computer Journal, vol.17, issue.2, pp.143-147, 1974. ,
DOI : 10.1093/comjnl/17.2.143
URL : http://comjnl.oxfordjournals.org/cgi/content/short/17/2/143
Security Policies and Security Models, 1982 IEEE Symposium on Security and Privacy, pp.11-20, 1982. ,
DOI : 10.1109/SP.1982.10014
Computability classes for enforcement mechanisms, ACM Transactions on Programming Languages and Systems, vol.28, issue.1, pp.175-205, 2006. ,
DOI : 10.1145/1111596.1111601
Securing web application code by static analysis and runtime protection, Proceedings of the 13th conference on World Wide Web , WWW '04, pp.40-52, 2004. ,
DOI : 10.1145/988672.988679
Language-Based Security, Proc. Mathematical Foundations of Computer Science, pp.284-298, 1999. ,
DOI : 10.1007/3-540-48340-3_26
Automaton-based Confidentiality Monitoring of Concurrent Programs, 20th IEEE Computer Security Foundations Symposium (CSF'07), pp.218-232, 2007. ,
DOI : 10.1109/CSF.2007.10
URL : https://hal.archives-ouvertes.fr/inria-00161019
Automata-based confidentiality monitoring, Proc. Asian Computing Science Conference (ASIAN'06), 2006. ,
URL : https://hal.archives-ouvertes.fr/inria-00130210
Java bytecode verification: algorithms and formalizations, Journal of Automated Reasoning, vol.30, issue.3/4, pp.235-269, 2003. ,
DOI : 10.1023/A:1025055424017
URL : https://hal.archives-ouvertes.fr/hal-01499939
Edit automata: enforcement mechanisms for run-time security policies, International Journal of Information Security, vol.3, issue.1-2, pp.2-16, 2005. ,
DOI : 10.1007/s10207-004-0046-8
Isolating JavaScript with Filters, Rewriting, and Wrappers, Proc. of ESORICS'09, 2009. ,
DOI : 10.1007/978-3-540-31987-0_28
Language-Based Isolation of Untrusted JavaScript, 2009 22nd IEEE Computer Security Foundations Symposium, 2009. ,
DOI : 10.1109/CSF.2009.11
A lattice-based approach to mashup security, Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS '10, 2010. ,
DOI : 10.1145/1755688.1755691
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.158.2133
Inlined security monitor performance test, 2010. ,
Quantitative information flow as network flow capacity, Proc. ACM SIGPLAN Conference on Programming language Design and Implementation, pp.193-205, 2008. ,
A general theory of composition for trace sets closed under selective interleaving functions, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy, pp.79-93, 1994. ,
DOI : 10.1109/RISP.1994.296590
Caja: Safe active content in sanitized javascript, 2008. ,
Jif: Java information flow. Software release, 2001. ,
BrowserShield, ACM Transactions on the Web, vol.1, issue.3, p.11, 2007. ,
DOI : 10.1145/1281480.1281481
Securing Timeout Instructions in Web Applications, 2009 22nd IEEE Computer Security Foundations Symposium, 2009. ,
DOI : 10.1109/CSF.2009.16
Dynamic vs. Static Flow-Sensitive Security Analysis, 2010 23rd IEEE Computer Security Foundations Symposium, 2010. ,
DOI : 10.1109/CSF.2010.20
Tracking Information Flow in Dynamic Tree Structures, Proc. European Symp. on Research in Computer Security, 2009. ,
DOI : 10.1007/3-540-48294-6_20
Language-based information-flow security, IEEE Journal on Selected Areas in Communications, vol.21, issue.1, pp.5-19, 2003. ,
DOI : 10.1109/JSAC.2002.806121
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.10.3979
From Dynamic to Static and Back: Riding the Roller Coaster of Information-Flow Control Research, Proc. Andrei Ershov International Conference on Perspectives of System Informatics, 2009. ,
DOI : 10.1007/978-3-642-11486-1_30
Enforceable security policies, ACM Transactions on Information and System Security, vol.3, issue.1, pp.30-50, 2000. ,
DOI : 10.1145/353323.353382
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.147.1853
A Language-Based Approach to Security, Informatics?10 Years Back, 10 Years Ahead, pp.86-101, 2000. ,
DOI : 10.1007/3-540-44577-3_6
Dynamic Dependency Monitoring to Secure Information Flow, 20th IEEE Computer Security Foundations Symposium (CSF'07), pp.203-217, 2007. ,
DOI : 10.1109/CSF.2007.20
The Flow Caml system. Software release. Located at http://cristal. inria.fr/ ? simonet, 2003. ,
URL : https://hal.archives-ouvertes.fr/inria-00069896
Sparkada examinar. Software release ,
Secure Information Flow as a Safety Problem, Proc. Symp. on Static Analysis, pp.352-367, 2005. ,
DOI : 10.1007/11547662_24
Provably Correct Runtime Enforcement of Non-interference Properties, Proc. International Conference on Information and Communications Security, pp.332-351, 2006. ,
DOI : 10.1007/11935308_24
Cross-site scripting prevention with dynamic data tainting and static analysis, Proc. Network and Distributed System Security Symposium, 2007. ,
Safety versus Secrecy, Proc. Symp. on Static Analysis, pp.303-311, 1999. ,
DOI : 10.1007/3-540-48294-6_20
A sound type system for secure flow analysis, Journal of Computer Security, vol.4, issue.2-3, pp.167-187, 1996. ,
DOI : 10.3233/JCS-1996-42-304
SAFKASI: a security mechanism for language-based systems, ACM Transactions on Software Engineering and Methodology, vol.9, issue.4, pp.341-378, 2000. ,
DOI : 10.1145/363516.363520