, Reachability analysis of term rewriting systems Articles de journaux francophones Spécification et mécanisme de détection de flots d'information illégaux Jaume M, IJICS International Journal of Information and Computer Security. Journal of Automated Reasoning, 2004.
, Actes de conférences internationales GroddDroid : a Gorilla for Triggering Malicious Behaviors Abraham A
, Allemagne (2015) Privacy-Preserving Reputation Mechanism : A Usable Solution Handling Negative Ratings Lajoie-Mazenc P, VISSOFT. IEEE Working Conference on Software Visualization
, International Conference on Network and System Security. Chine (2014) A Privacy Preserving Distributed Reputation Mechanism, IFIPTM. International Conference on Trust Management. Allemagne (2015) Towards a Semantics for System Calls in terms of Information Flow International Conference on Systems. Espagne (2015) ? Capturing Android Malware Behaviour using System Flow Graph Viet Triem Tong V. ICC. International Conference on Communications. Hongrie (2013) Diagnosing intrusions in Android operating system using system flow graph Andriatsimandefitra R., Viet Triem Tong V., Mé L. WISG. Workshop Interdisciplinaire sur la Sécurité Globale. France (2013) ? Information Flow Policies vs Malware. Andriatsimandefitra R., Saliou T., Viet Triem Tong V. IAS. Information assurance and security, 2013.
, Secure states versus Secure executions : From access control to flow control Jaume M Inde (2013) User Defined Control Flow Policy for Web Service Orchestration Computer & Electronics Security Applications Rendez-vous. France(2012) Designing information flow policies for Android's operating system Activités scientifiques, ? BSPL : A Language to Specify and Compose Fine-grained Information Flow Policies ICISS. International Conference on Information Systems Security Viet Triem Tong V. ICC. International Conference on Communications. Canada (2012) Preventing data leakage in service orchestration Demongeot T., Totel E., Viet Triem Tong V., Le Traon Y. IAS. International Conference on Information Assurance and Security, 2011.
, Actes de la Conférence sur la sécurité des Architectures Réseaux et des Systèmes d, Information. France, 2008.
, Détection fiable et pertinente de flux d'information illégaux
, Ce problème est aujourd'hui étudié en partie dans les langages de programmation, Mantel et Reinhard se sont intéressés dans [MR07] à ce qui pouvait être déclassifié et au devenir de l'information déclassifiée
, information concernée s'accordent sur une éventuelle déclassification Dans ce travail, il s'agissait de permettre un flux d'information illégal mais éventuellement nécessaire au fonctionnement d'un service web Ce flux pouvait avoir lieu jamais -une fois -toujours selon la volonté de tous les propriétaires de l'information. Ce travail est une première réflexion qui propose essentiellement que la décision de la déclassification soit prise conjointement par les propriétaires de l'information. Il reste encore à réfléchir à la manière de mettre en oeuvre cet accord, surtout lorsque les propriétaires de l'information ne sont pas atteignables , parce qu'ils sont développeurs d'une application par exemple. Il faut aussi s'intéresser au devenir de l'information déclassifiée
, Designing information flow policies for android's operating system, Proceedings of the International Conference on Computer Communications (ICC), 2012. [And] Androguard
, Characterization and detection of android malware based on information flows, 2014.
URL : https://hal.archives-ouvertes.fr/tel-01127434
, Information flow policies vs malware, 2013 9th International Conference on Information Assurance and Security (IAS), 2013.
DOI : 10.1109/ISIAS.2013.6947747
URL : https://hal.archives-ouvertes.fr/hal-00862468
, Capturing Android Malware Behaviour using System Flow Graph, NSS 2014 -The 8th International Conference on Network and System Security, 2014.
, Information Flow Policies vs Malware ? Final Battle ?, Journal of Information Assurance and Security, vol.9, issue.2, pp.72-82, 2014.
, Poster Abstract : Highlighting Easily How Malicious Applications Corrupt Android Devices, Research in Attacks, Intrusions, and Defenses, 2014.
, Diagnosing intrusions in android operating system using system flow graph, Workshop Interdisciplinaire sur la Sécurité Globale, 2013.
URL : https://hal.archives-ouvertes.fr/hal-00875211
, Secure computer systems : Mathematical foundations. MTR-2547 (ESD-TR-73-278-I), MITRE Corp, vol.1, 1973.
, Sif : Enforcing confidentiality and integrity in web applications, 16th USENIX Security Symp, 2007.
, Certification of programs for secure information flow, Communications of the ACM, vol.20, issue.7, pp.504-513, 1977.
, On the derivation of lattice structured information flow policies, 1976.
, A lattice model of secure information flow, Communications of the ACM, vol.19, issue.5, pp.236-243, 1976.
DOI : 10.1145/360051.360056
, Android : From reversing to decompilation, 2011.
, Preventing data leakage in service orchestration, 2011 7th International Conference on Information Assurance and Security (IAS), 2011.
DOI : 10.1109/ISIAS.2011.6122806
URL : https://hal.archives-ouvertes.fr/hal-00657796
, TaintDroid, Proc. of the USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2010.
DOI : 10.1145/2619091
, Labels and event processes in the asbestos operating system, Proceedings of the Twentieth ACM Symposium on Operating Systems Principles, SOSP '05, pp.17-30, 2005.
, Frédéric Tronel, and Valérie Viet Triem Tong Information flow control for intrusion detection derived from mac policy, Proceedings of the International Conference on Computer Communications (ICC), 2011.
, Blare Tools: A Policy-Based Intrusion Detection System Automatically Set by the Security Policy, 2009.
DOI : 10.1007/978-3-642-04342-0_22
URL : https://hal.archives-ouvertes.fr/hal-00420117
, Bspl : a language to specify and compose fine-grained information flow policies, Proceedings of the The Seventh International Conference on Emerging Security Information , Systems and Technologies (SECURWARE), 2013.
URL : https://hal.archives-ouvertes.fr/hal-00909400
, A basis for intrusion detection in distributed systems using kernel-level data tainting, Theses, Supélec ; QUEENSLAND UNIVERSITY OF TECHNOLOGY, 2013.
URL : https://hal.archives-ouvertes.fr/tel-01066750
, Monitoring both os and program level information flows to detect intrusions against network servers, IEEE Workshop on "Monitoring, Attack Detection and Mitigation, 2007.
URL : https://hal.archives-ouvertes.fr/hal-00268408
, A taint marking approach to confidentiality violation detection, 10th Australasian Information Security Conference, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00736045
, Spécification et mécanisme de détection de flots d'information illégaux, Technique et Science Informatiques (TSI), issue.6, pp.31713-742, 2012.
, Contrôle d'accès versus Contrôle de flots, 10emes Journées Francophones sur les Approches Formelles dans l'Assistance au développement des logiciels, pp.27-41, 2010.
, Flow based interpretation of access control : Detection of illegal information flows, 7th International Conference on Information Systems Security (ICISS), pp.72-86, 2011.
, Backtracking intrusions, Proceedings of the nineteenth ACM symposium on Operating systems principles, pp.223-236, 2003.
, Information flow control for standard os abstractions, Proceedings of the 21st Symposium on Operating Systems Principles, 2007.
, Information flow control for standard os abstractions, Proceedings of Twenty-first ACM SI- GOPS Symposium on Operating Systems Principles, SOSP '07, pp.321-334, 2007.
, Detection and prevention of lena malware on android, Journal of Internet Services and Information Security (JISIS), vol.3, issue.34, pp.63-71, 2013.
, A decentralized model for information flow control, SIGOPS Oper. Syst. Rev, vol.31, issue.5, pp.129-142, 1997.
, Controlling the What and Where of Declassification in Language-Based Security, Proceedings of the 16th European Conference on Programming, ESOP'07, pp.141-156, 2007.
DOI : 10.1007/978-3-540-71316-6_11
, Jflow : Practical mostly-static information flow control, Proceedings of the 26th ACM on Principles of Programming Languages, 1999.
, Jflow : practical mostly-static information flow control, 26th ACM Symp. on Principles of Programming Languages (POPL), pp.228-241, 1999.
, Information flow inference for ml, ACM Trans. Program. Lang. Syst, 2003.
, Lattice-based access control models, Computer, vol.26, issue.11, pp.9-19, 1993.
DOI : 10.1109/2.241422
, Lattice-based access control models, Computer, vol.26, issue.11, pp.9-19, 1993.
DOI : 10.1109/2.241422
, Declassification: Dimensions and principles, Journal of Computer Security, vol.17, issue.5, pp.517-548, 2009.
DOI : 10.3233/JCS-2009-0352
, Specifying and enforcing a fine-grained information flow policy : Model and experiments, Journal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Applications, 2010.
URL : https://hal.archives-ouvertes.fr/hal-00516672
, Making information flow explicit in HiStar, Proc. of the USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2006.
DOI : 10.1145/2018396.2018419
, Making information flow explicit in HiStar, Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation, pp.19-19, 2006.
DOI : 10.1145/2018396.2018419
, Dissecting Android Malware: Characterization and Evolution, 2012 IEEE Symposium on Security and Privacy, pp.95-109
DOI : 10.1109/SP.2012.16