An empirical study of privacy-violating information flows in JavaScript web applications, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, 2010. ,
DOI : 10.1145/1866307.1866339
Information-Flow Security for a Core of JavaScript, 2012 IEEE 25th Computer Security Foundations Symposium, 2012. ,
DOI : 10.1109/CSF.2012.19
FlowFox, Proceedings of the 2012 ACM conference on Computer and communications security, CCS '12, 2012. ,
DOI : 10.1145/2382196.2382275
Information Flow Control in WebKit???s JavaScript Bytecode, POST, 2014. ,
DOI : 10.1007/978-3-642-54792-8_9
Multiple Facets for Dynamic Information Flow, POPL, 2012. ,
You are what you include, Proceedings of the 2012 ACM conference on Computer and communications security, CCS '12, 2012. ,
DOI : 10.1145/2382196.2382274
Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis, NDSS, 2007. ,
Noninterference through Secure Multi-execution, 2010 IEEE Symposium on Security and Privacy, 2010. ,
DOI : 10.1109/SP.2010.15
URL : https://lirias.kuleuven.be/bitstream/123456789/265429/1/secure-multi-execution-final.pdf
Reactive non-interference for a browser model, 2011 5th International Conference on Network and System Security, 2011. ,
DOI : 10.1109/ICNSS.2011.6059965
Run Your Research: On the Effectiveness of Lightweight Mechanization, 2012. ,
A Per Model of Secure Information Flow in Sequential Programs, Higher Order Symbol. Comput, vol.14, issue.1, pp.59-91, 2001. ,
DOI : 10.1007/3-540-49099-X_4
Preventing Information Leaks through Shadow Executions, 2008 Annual Computer Security Applications Conference (ACSAC), 2008. ,
DOI : 10.1109/ACSAC.2008.50
Secure multi-execution: finegrained , declassification-aware, and transparent, CSF, 2013. ,
Precise Enforcement of Confidentiality for Reactive Systems, 2013 IEEE 26th Computer Security Foundations Symposium, 2013. ,
DOI : 10.1109/CSF.2013.9
Timing- and Termination-Sensitive Secure Information Flow: Exploring a New Approach, 2011 IEEE Symposium on Security and Privacy, 2011. ,
DOI : 10.1109/SP.2011.19
Secure multi-execution of web scripts: Theory and practice, Journal of Computer Security, vol.22, issue.4, 2014. ,
DOI : 10.3233/JCS-130495
Termination-Insensitive Noninterference Leaks More Than Just a Bit, ESORICS, 2008. ,
DOI : 10.3233/JCS-1996-42-304
Dimensions and Principles of Declassification, CSF, 2005. ,
Language-Based Information Erasure, 18th IEEE Computer Security Foundations Workshop (CSFW'05), 2005. ,
DOI : 10.1109/CSFW.2005.19
On Declassification and the Non-Disclosure Policy, 18th IEEE Computer Security Foundations Workshop (CSFW'05), 2005. ,
DOI : 10.1109/CSFW.2005.21
Flow Locks: Towards a Core Calculus for Dynamic Flow Policies, ESOP, 2006. ,
DOI : 10.3233/JCS-1996-42-304
Controlling the What and Where of Declassification in Language-Based Security Tractable Enforcement of Declassification Policies, ESOP CSF, 2007. ,
End-to-End Enforcement of Erasure and Declassification, 2008 21st IEEE Computer Security Foundations Symposium, 2008. ,
DOI : 10.1109/CSF.2008.12
Expressive Declassification Policies and Modular Static Enforcement, 2008 IEEE Symposium on Security and Privacy (sp 2008), 2008. ,
DOI : 10.1109/SP.2008.20
Downgrading policies and relaxed noninterference, POPL, 2005. ,
DOI : 10.1145/1040305.1040319
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.143.9195
A Model for Delimited Information Release, International Symposium on Software Security, 2003. ,
DOI : 10.1007/978-3-540-37621-7_9
Localized delimited release, Proceedings of the 2007 workshop on Programming languages and analysis for security , PLAS '07, 2007. ,
DOI : 10.1145/1255329.1255339
Decentralized Delimited Release, APLAS, 2011. ,
DOI : 10.3233/JCS-1996-42-304
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.295.1435
Compiling Information-Flow Security to Minimal Trusted Computing Bases, ESOP, 2011. ,
DOI : 10.3233/JCS-2006-14203
Verified enforcement of stateful information release policies, PLAS, 2008. ,
Confidentiality Enforcement Using Dynamic Information Flow Analyses, 2007. ,
URL : https://hal.archives-ouvertes.fr/tel-00198621
Featherweight firefox: Formalizing the core of a web browser, USENIX Conference on Web Application Development, 2010. ,
Secure Multi-Execution through Static Program Transformation, FMOODS/FORTE, 2012. ,
DOI : 10.1007/978-3-642-30793-5_12
WebJail, Proceedings of the 27th Annual Computer Security Applications Conference on, ACSAC '11, 2011. ,
DOI : 10.1145/2076732.2076775
Adsafe, 2009. ,
Caja: Safe active content in sanitized javascript ,
JSand, Proceedings of the 28th Annual Computer Security Applications Conference on, ACSAC '12, 2012. ,
DOI : 10.1145/2420950.2420952
Object Capabilities and Isolation of Untrusted Web Applications, 2010 IEEE Symposium on Security and Privacy, 2010. ,
DOI : 10.1109/SP.2010.16
Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks, USENIX Security, 2006. ,
Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis, NDSS, 2007. ,