Tight Enforcement of Information-Release Policies for Dynamic Languages
Paper in proceeding, 2009

This paper studies the problem of securing information release in dynamic languages. We propose (i) an intuitive framework for information-release policies expressing both what can be released by an application and where in the code this release may take place and (ii) tight and modular enforcement by hybrid mechanisms that combine monitoring with on-the-fly static analysis for a language with dynamic code evaluation and communication primitives. The policy framework and enforcement mechanisms support both termination-sensitive and insensitive security policies.

Author

Aslan Askarov

Cornell University

Other publications Research

Andrei Sabelfeld

Chalmers, Computer Science and Engineering (Chalmers), Software Engineering and Technology (Chalmers)

Other publications Research

2009 22nd IEEE Computer Security Foundations Symposium, CSF 2009; Port Jefferson, NY; United States; 8 July 2009 through 10 July 2009

1940-1434 (ISSN)

43-59
978-076953712-2 (ISBN)

Subject Categories

Computer and Information Science

DOI

10.1109/CSF.2009.22

Publication data connected to DOI

ISBN

978-076953712-2

More information

Latest update

4/12/2018

Feedback and support

If you have questions, need help, find a bug or just want to give us feedback you may use this form, or contact us per e-mail research.lib@chalmers.se.

About

Research.chalmers.se contains research information from Chalmers University of Technology, Sweden. It includes information on projects, publications, research funders and collaborations.

More about coverage period and what is publicly available

Privacy and cookies

Accessibility

Citation Style Language
citeproc-js (Frank Bennett)

Links

Chalmers Library
Chalmers Research
Chalmers Student Theses

Chalmers University of Technology

SE-412 96 GOTHENBURG, SWEDEN
PHONE: +46 (0)31-772 10 00
WWW.CHALMERS.SE