Andrei Sabelfeld
Visar 116 publikationer
FakeX: A Framework for Detecting Fake Reviews of Browser Extensions
Spider-Scents: Grey-box Database-aware Web Scanning for Stored XSS
LazyTAP: On-Demand Data Minimization for Trigger-Action Applications
Black Ostrich: Web Application Scanning with String Solvers
Poster: Data Minimization by Construction for Trigger-Action Applications
Outsourcing MPC Precomputation for Location Privacy
Practical Data Access Minimization in Trigger-Action Platforms
No Signal Left to Chance: Driving Browser Extension Analysis by Download Patterns
Are chrome extensions compliant with the spirit of least privilege?
DeDup.js: Discovering Malicious and Vulnerable Extensions by Detecting Duplication
SecWasm: Information Flow Control for WebAssembly
Hardening the security analysis of browser extensions
EssentialFP: Exposing the Essence of Browser Fingerprinting
Data privacy in trigger-action systems
SandTrap: Securing JavaScript-driven Trigger-Action Platforms
Securing Node-RED Applications
Nontransitive Policies Transpiled
Black widow: Blackbox data-driven web scanning
Where are you bob? privacy-preserving proximity testing with a napping party
AutoNav: Evaluation and Automatization of Web Navigation Policies
VERONICA: Expressive and Precise Concurrent Information Flow Security
Clockwork: Tracking Remote Timing Attacks
HMAC and “secure preferences”: Revisiting chromium-based browsers security
Latex Gloves: Protecting Browser Extensions from Probing and Revelation Attacks
An empirical study of information flows in real-world Javascript
Information-flow control for database-backed applications
On the road with third-party apps: Security analysis of an in-vehicle app platform
Raising the bar: Evaluating origin-wide security manifests
Tracking Information Flow via Delayed Output: Addressing Privacy in IoT and Emailing Apps
If This Then What? Controlling Flows in IoT Apps
Information Flow Tracking for Side-Effectful Libraries
Prudent Design Principles for Information Flow Control
We are family: Relating information-flow trackers
Discovering Browser Extensions via Web Accessible Resources
Measuring login webpage security
Privacy-Preserving Location-Proximity for Mobile Apps
Welcome Message from the Program Committee Chairs EuroS&P 2017
A Principled Approach to Tracking Information Flow in the Presence of Libraries
Special issue on verified information flow security
PrivatePool: Privacy-Preserving Ridesharing
MaxPace: Speed-Constrained Location Queries
Explicit Secrecy: A Policy for Taint Tracking
Secure multi-execution: Fine-grained, declassification-aware, and transparent
Progress-sensitive security for SPARK
Data Exfiltration in the Face of CSP
Information-flow security for JavaScript and its APIs
JSLINQ: Building secure applications across tiers
Location-enhanced Authentication using the IoT
Javascript sandboxing: Isolating and restricting client-side javascript
Let’s face it: Faceted values for taint tracking
Location-enhanced authentication using the IoT because you cannot be in two places at once
Value Sensitivity and Observable Abstract Values for Information Flow Control
Web Application Security using JSFlow
Value-sensitive Hybrid Information Flow Control for a JavaScript-like Language
May I? - Content Security Policy Endorsement for Browser Extensions
Understanding and Enforcing Opacity
Password meters and generators on the web: From large-scale empirical study to getting it right
InnerCircle: A Parallelizable Decentralized Privacy-Preserving Location Proximity Protocol
Compositional Information-flow Security for Interactive Systems
SeLINQ: Tracking information across application-database boundaries
JSFlow: Tracking Information Flow in JavaScript and its APIs
Architectures for Inlining Security Monitors in Web Application
Securing Class Initialization in Java-like Languages
Secure multi-execution: Fine-grained, declassification-aware, and transparent
Polyglots: Crossing Origins by Crossing Formats
Boosting the Permissiveness of Dynamic Information-Flow Tracking by Testing
Information-flow security for a core of JavaScript
On-The-Fly Inlining Of Dynamic Security Monitors
Capabilities for information flow
Limiting Information Leakage in Event-based Communication
A Perspective on Information-Flow Control
Decentralized Delimited Release
Dynamic vs. Static Flow-Sensitive Security Analysis
Security of Multithreaded Programs by Compilation
A lattice-based approach to mashup security
On-the-fly inlining of dynamic security monitors
Unifying Facets of Information Integrity
Implicit flows in malicious and nonmalicious code
Securing Interaction between Threads and the Scheduler in the Presence of Synchronization
Secuirty of Multithreaded Programs by Compilation
Declassification: Dimensions and Principles
Catch Me If You Can: Permissive Yet Secure Error Handling
From dynamic to static and back: Riding the roller coaster of information-flow control research
Tight Enforcement of Information-Release Policies for Dynamic Languages
Tracking Information Flow in Dynamic Tree Structures
Securing Timeout Instructions in Web Applications
Cryptographically-Masked Flows
Termination-Insensitive Noninterference Leaks More Than Just a Bit.
Closing Internal Timing Channels by Transformation
Gradual Release: Unifying Declassification, Encryption and Key Release Policies
Security of Multithreaded Programs by Compilation
Localized Delimited Release: Combining the What and Where Dimensions of Information Release
Security for Multithreaded Programs under Cooperative Scheduling
Securing Interaction between Threads and the Scheduler
Enforcing Robust Declassification and Qualified Robustness
Cryptographically-Masked Flows
Dimensions and Principles of Declassification
Bridging Language-Based and Process Calculi Security
Secure Implementation of Cryptographic Protocols: A Case Study of Mutual Distrust
Proceedings of FCS'05 Workshop on Foundations of Computer Security
Security-typed languages for implementation of cryptographic protocols: A case study
Proceedings of Workshop on Foundations of Computer Security
Proceedings of FCS'04 Workshop on Foundations of Computer Security
A Model for Delimited Information Release
Enforcing Robust Declassification
A Per Model of Secure Information Flow in Sequential Programs
Probabilistic Noninterference for Multi-threaded Programs
Ladda ner publikationslistor
Du kan ladda ner denna lista till din dator.
Filtrera och ladda ner publikationslista
Som inloggad användare hittar du ytterligare funktioner i MyResearch.
Du kan även exportera direkt till Zotero eller Mendeley genom webbläsarplugins. Dessa hittar du här:
Zotero Connector
Mendeley Web Importer
Tjänsten SwePub erbjuder uttag av Researchs listor i andra format, till exempel kan du få uttag av publikationer enligt Harvard och Oxford i .RIS, BibTex och RefWorks-format.
Visar 11 forskningsprojekt
SEBRA: SEcuring BRowser Extensions by Information Flow Analysis
Mint: Minimizing Code and Data in Complex Systems”
Principiell säkerhet för framväxande applikationsdomäner
FlowShield: Securing Web Applications by Information Flow Tracking
WebSec: Säkerhet i webb-drivna system
WASP - Security for Autonomous Systems
FlexCSP - Putting Content Security Policy to work for Practical Web Applications
DecentLP: Robust decentraliserad plats-sekretess
Programming Language-Based Security To Rescue (PROSECUTOR)
Informationsdriven säker Business Intelligence (DataBIN)