Andrei Sabelfeld
Professor vid
Chalmers, Data- och informationsteknik, Informationssäkerhet
Visar 88 publikationer
2019
On the road with third-party apps: Security analysis of an in-vehicle app platform
Benjamin Eriksson, Jonas Groth, Andrei Sabelfeld
VEHITS 2019 - Proceedings of the 5th International Conference on Vehicle Technology and Intelligent Transport Systems, p. 64-75
Paper i proceeding
2019
Latex Gloves: Protecting Browser Extensions from Probing and Revelation Attacks
Alexander Sjösten, Steven Van Acker, Pablo Picazo-Sanchez et al
Paper i proceeding
2018
Tracking Information Flow via Delayed Output: Addressing Privacy in IoT and Emailing Apps
Iulia Bastys, Frank Piessens, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 11252 LNCS, p. 19-37
Paper i proceeding
2018
Assuring BetterTimes
Per Hallgren, Ravi Kishore, Martin Ochoa et al
Journal of Computer Security. Vol. 26 (4), p. 557-587
Artikel i vetenskaplig tidskrift
2018
Information Flow Tracking for Side-Effectful Libraries
Alexander Sjösten, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 10854, p. 141-160
Paper i proceeding
2018
Prudent Design Principles for Information Flow Control
Iulia Bastys, Frank Piessens, Andrei Sabelfeld
Proceedings of the 13th Workshop on Programming Languages and Analysis for Security, PLAS 2018, p. 17-23
Paper i proceeding
2018
Raising the bar: Evaluating origin-wide security manifests
Steven Van Acker, Daniel Hausknecht, Andrei Sabelfeld
Proceedings of the 34th Annual Computer Security Applications Conference, p. 342-354
Paper i proceeding
2018
If This Then What? Controlling Flows in IoT Apps
Iulia Bastys, Musard Balliu, Andrei Sabelfeld
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, p. 1102-1119
Paper i proceeding
2017
We are family: Relating information-flow trackers
Musard Balliu, Daniel Schoepe, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 10492 LNCS, p. 124-145
Paper i proceeding
2017
Special issue on verified information flow security
Toby Murray, Andrei Sabelfeld, Lujo Bauer
Journal of Computer Security. Vol. 25 (05-apr), p. 319-321
Artikel i övriga tidskrifter
2017
Measuring login webpage security
Steven Van Acker, Daniel Hausknecht, Andrei Sabelfeld
Proceedings of the ACM Symposium on Applied Computing. Vol. Part F128005, p. 1753-1760
Paper i proceeding
2017
PrivatePool: Privacy-Preserving Ridesharing
Per Hallgren, Claudio Orlandi, Andrei Sabelfeld
Proceedings - IEEE Computer Security Foundations Symposium, p. 276-291
Paper i proceeding
2017
Privacy-Preserving Location-Proximity for Mobile Apps
S. Stirbys, O.A. Nabah, Per Hallgren et al
Proceedings - 2017 25th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2017, p. 337-345
Paper i proceeding
2017
A Principled Approach to Tracking Information Flow in the Presence of Libraries
Daniel Hedin, Alexander Sjösten, Frank Piessens et al
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 10204, p. 49-70
Paper i proceeding
2017
Discovering Browser Extensions via Web Accessible Resources
Alexander Sjösten, Steven Van Acker, Andrei Sabelfeld
CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Applications Security and Privacy, p. 329-336
Paper i proceeding
2016
Web Application Security using JSFlow
Daniel Hedin, Andrei Sabelfeld
2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing, p. 16-19
Konferensbidrag (offentliggjort, men ej förlagsutgivet)
2016
Javascript sandboxing: Isolating and restricting client-side javascript
Steven Van Acker, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 9808, p. 32-86
Artikel i övriga tidskrifter
2016
Location-enhanced authentication using the IoT because you cannot be in two places at once
I. Agadakos, Per Hallgren, D. Damopoulos et al
ACM International Conference Proceeding Series. Vol. 5, p. 251-264
Paper i proceeding
2016
Data Exfiltration in the Face of CSP
Steven Van Acker, Daniel Hausknecht, Andrei Sabelfeld
Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, p. 853-864
Paper i proceeding
2016
Secure multi-execution: Fine-grained, declassification-aware, and transparent
Willard Thor Rafnsson, Andrei Sabelfeld
Journal of Computer Security. Vol. 24 (1), p. 39-90
Artikel i vetenskaplig tidskrift
2016
Progress-sensitive security for SPARK
Willard Thor Rafnsson, D. Garg, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 9639, p. 20-37
Paper i proceeding
2016
MaxPace: Speed-Constrained Location Queries
Per Hallgren, Martin Ochoa, Andrei Sabelfeld
Proceedings of the IEEE Conference on Communications and Network Security (CNS), p. 136-144
Paper i proceeding
2016
Let’s face it: Faceted values for taint tracking
Daniel Schoepe, Musard Balliu, Frank Piessens et al
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 9878 LNCS, 2016, p. 561-580
Paper i proceeding
2016
Explicit Secrecy: A Policy for Taint Tracking
Daniel Schoepe, Musard Balliu, B. C. Pierce et al
1st IEEE European Symposium on Security and Privacy (Euro S&P), Saarbruecken, Germany, Mar 21-24, 2016, p. 15-30
Paper i proceeding
2016
Information-flow security for JavaScript and its APIs
Daniel Hedin, Luciano Bello, Andrei Sabelfeld
Journal of Computer Security. Vol. 24 (2), p. 181-234
Artikel i vetenskaplig tidskrift
2016
JSLINQ: Building secure applications across tiers
Musard Balliu, Benjamin Liebe, Daniel Schoepe et al
6th ACM Conference on Data and Application Security and Privacy, CODASPY 2016; New Orleans; United States; 9 March 2016 through 11 March 2016, p. 307-318
Paper i proceeding
2016
Location-enhanced Authentication using the IoT
Ioannis Agadakos, Per Hallgren, Georgios Portokalidis et al
Proceedings of the Annual Computer Security Applications Conference (ACSAC)
Paper i proceeding
2015
Password meters and generators on the web: From large-scale empirical study to getting it right
Steven Van Acker, Daniel Hausknecht, W. Joosen et al
CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, p. 253-262
Paper i proceeding
2015
Value Sensitivity and Observable Abstract Values for Information Flow Control
Luciano Bello, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 9450, p. 63-78
Paper i proceeding
2015
Understanding and Enforcing Opacity
Daniel Schoepe, Andrei Sabelfeld
28th IEEE Computer Security Foundations Symposium, CSF 2015, Verona, Italy, 13 July-17 July. Vol. 2015-September, p. 539-553
Paper i proceeding
2015
Value-sensitive Hybrid Information Flow Control for a JavaScript-like Language
Daniel Hedin, Luciano Bello, Andrei Sabelfeld
28th IEEE Computer Security Foundations Symposium, CSF 2015, Verona, Italy, 13-17 July. Vol. 2015-September, p. 351-365
Paper i proceeding
2015
May I? - Content Security Policy Endorsement for Browser Extensions
Daniel Hausknecht, Jonas Magazinius, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), p. 261-281
Paper i proceeding
2015
BetterTimes: Privacy-assured Outsourced Multiplications for Additively Homomorphic Encryption on Finite Fields
Per Hallgren, Martin Ochoa, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 9451, p. 291-309
Paper i proceeding
2015
InnerCircle: A Parallelizable Decentralized Privacy-Preserving Location Proximity Protocol
Per Hallgren, Martin Ochoa, Andrei Sabelfeld
Proceedings of the International Conference on Privacy, Security and Trust (PST), p. 1-6
Paper i proceeding
2014
JSFlow: Tracking Information Flow in JavaScript and its APIs
Daniel Hedin, Luciano Bello, Andrei Sabelfeld
Proceedings of the ACM Symposium on Applied Computing (SAC), p. 1663-1671
Paper i proceeding
2014
Compositional Information-flow Security for Interactive Systems
Willard Thor Rafnsson, Andrei Sabelfeld
27th IEEE Computer Security Foundations Symposium, CSF 2014, Vienna, Austria, 19-22 July 2014, p. 277-292
Paper i proceeding
2014
SeLINQ: Tracking information across application-database boundaries
Daniel Schoepe, Daniel Hedin, Andrei Sabelfeld
SIGPLAN Notices (ACM Special Interest Group on Programming Languages). Vol. 49 (9), p. 25-38
Paper i proceeding
2014
Architectures for Inlining Security Monitors in Web Application
Jonas Magazinius, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 8364, p. 141-160
Paper i proceeding
2013
Secure multi-execution: Fine-grained, declassification-aware, and transparent
Willard Thor Rafnsson, Andrei Sabelfeld
Proceedings of the Computer Security Foundations Workshop, p. 33-48
Paper i proceeding
2013
GlassTube
Per Hallgren, Daniel T. Mauritzson, Andrei Sabelfeld
PLAS '13 (ACM SIGPLAN workshop on Programming languages and analysis for security). Seattle , WA, USA. June 16-19, 2013. Vol. 8, p. 71-82
Paper i proceeding
2013
Securing Class Initialization in Java-like Languages
Willard Thor Rafnsson, K. Nakata, Andrei Sabelfeld
IEEE Transactions on Dependable and Secure Computing. Vol. 10 (1), p. 1-13
Artikel i vetenskaplig tidskrift
2013
Polyglots: Crossing Origins by Crossing Formats
Jonas Magazinius, Billy Rios, Andrei Sabelfeld
ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, Berlin, Germany, 4-8 November 2013, p. 753-764
Paper i proceeding
2012
Securing interactive programs
Willard Thor Rafnsson, Daniel Hedin, Andrei Sabelfeld
Proceedings of the Computer Security Foundations Symposium, p. 293-307
Paper i proceeding
2012
Boosting the Permissiveness of Dynamic Information-Flow Tracking by Testing
Arnar Birgisson, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 7459, p. 55-72
Artikel i vetenskaplig tidskrift
2012
Information-flow security for a core of JavaScript
Daniel Hedin, Andrei Sabelfeld
Proceedings of the Computer Security Foundations Symposium, p. 3-18
Paper i proceeding
2012
On-The-Fly Inlining Of Dynamic Security Monitors
Jonas Magazinius, Alejandro Russo, Andrei Sabelfeld
Computers and Security. Vol. 31 (7), p. 827-843
Artikel i vetenskaplig tidskrift
2011
Capabilities for information flow
Arnar Birgisson, Alejandro Russo, Andrei Sabelfeld
ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, p. article no. 5-
Paper i proceeding
2011
Limiting Information Leakage in Event-based Communication
Willard Thor Rafnsson, Andrei Sabelfeld
ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, p. (Article no. 4)-
Paper i proceeding
2011
Multi-run security
Arnar Birgisson, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), p. 372-391
Paper i proceeding
2011
Decentralized Delimited Release
Jonas Magazinius, Aslan Askarov, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 7078, p. 220-237
Paper i proceeding
2011
A Perspective on Information-Flow Control
Daniel Hedin, Andrei Sabelfeld
Proceedings of the 2011 Marktoberdorf Summer School
Paper i proceeding
2010
Securing Class Initialization
Keiko Nakata, Andrei Sabelfeld
IFIP Advances in Information and Communication Technology. Vol. 321, p. 48-62
Paper i proceeding
2010
A lattice-based approach to mashup security
Jonas Magazinius, Aslan Askarov, Andrei Sabelfeld
5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010; Beijing; 13 April 2010 through 16 April 2010, p. 15-23
Paper i proceeding
2010
Security of Multithreaded Programs by Compilation
Gilles Barthes, T. Rezk, Alejandro Russo et al
ACM Transactions on Information and System Security. Vol. 13 (3)
Artikel i vetenskaplig tidskrift
2010
On-the-fly inlining of dynamic security monitors
Jonas Magazinius, Alejandro Russo, Andrei Sabelfeld
IFIP Advances in Information and Communication Technology. Vol. 330, p. 173-186
Paper i proceeding
2010
Unifying Facets of Information Integrity
Arnar Birgisson, Alejandro Russo, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 6503, p. 48-65
Paper i proceeding
2010
Dynamic vs. Static Flow-Sensitive Security Analysis
Alejandro Russo, Andrei Sabelfeld
Proceedings of the IEEE Computer Security Foundations Symposium, p. 186-199
Paper i proceeding
2009
Secuirty of Multithreaded Programs by Compilation
Gilles Barthe, Tamara Rezk, Alejandro Russo et al
Special Issue of ACM Transactions on Information and System Security (TISSEC)
Artikel i vetenskaplig tidskrift
2009
Declassification: Dimensions and Principles
Andrei Sabelfeld, David Sands
Journal of Computer Security. Vol. 17 (5), p. 517-548
Artikel i vetenskaplig tidskrift
2009
Implicit flows in malicious and nonmalicious code
Alejandro Russo, Andrei Sabelfeld, Li Keqin
Proceedings of the 2009 Marktoberdorf Summer School, IOS Press
Paper i proceeding
2009
Securing Timeout Instructions in Web Applications
Alejandro Russo, Andrei Sabelfeld
Proceedings of the 22th IEEE Computer Security Foundations Symposium
Paper i proceeding
2009
Catch Me If You Can: Permissive Yet Secure Error Handling
Aslan Askarov, Andrei Sabelfeld
ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Paper i proceeding
2009
Tight Enforcement of Information-Release Policies for Dynamic Languages
Aslan Askarov, Andrei Sabelfeld
2009 22nd IEEE Computer Security Foundations Symposium, CSF 2009; Port Jefferson, NY; United States; 8 July 2009 through 10 July 2009, p. 43-59
Paper i proceeding
2009
From dynamic to static and back: Riding the roller coaster of information-flow control research
Andrei Sabelfeld, Alejandro Russo
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 5947, p. 352-365
Paper i proceeding
2009
Tracking Information Flow in Dynamic Tree Structures
Alejandro Russo, Andrei Sabelfeld, Andrey Chudnov
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), p. 86-103
Paper i proceeding
2009
Securing Interaction between Threads and the Scheduler in the Presence of Synchronization
Alejandro Russo, Andrei Sabelfeld
Journal of Logic and Algebraic Programming. Vol. 78 (7), p. 593-618
Artikel i vetenskaplig tidskrift
2008
Termination-Insensitive Noninterference Leaks More Than Just a Bit.
Aslan Askarov, Sebastian Hunt, Andrei Sabelfeld et al
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 5283, p. 333-348
Paper i proceeding
2008
Cryptographically-Masked Flows
Aslan Askarov, Daniel Hedin, Andrei Sabelfeld
Theoretical Computer Science. Vol. 402 (2-3), p. 82-101
Artikel i vetenskaplig tidskrift
2007
Security of Multithreaded Programs by Compilation
Gilles Barthe, Tamara Rezk, Alejandro Russo et al
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 4734, p. 2-18
Paper i proceeding
2007
Localized Delimited Release: Combining the What and Where Dimensions of Information Release
Aslan Askarov, Andrei Sabelfeld
ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, p. 53-60
Paper i proceeding
2007
Closing Internal Timing Channels by Transformation
Alejandro Russo, John Hughes, David Naumann et al
Proceedings of the 11th Annual Asian Computing Science Conference
Paper i proceeding
2007
Gradual Release: Unifying Declassification, Encryption and Key Release Policies
Aslan Askarov, Andrei Sabelfeld
Proceedings of the IEEE Symposium on Security and Privacy, p. 207-227
Paper i proceeding
2006
Computer Security - ESORICS 2006 11th European Symposium on Research in Computer Security, Hamburg, Germany, September 18-20, 2006, Proceedings
Dieter Gollmann, Jan Meier, Andrei Sabelfeld
Samlingsverk (redaktörskap)
2006
Securing Interaction between Threads and the Scheduler
Alejandro Russo, Andrei Sabelfeld
Proceedings of the 19th IEEE Computer Security Foundations Workshop, Venice, Italy, July 5-7, 2006. IEEE Computer Society Press.
Paper i proceeding
2006
Cryptographically-Masked Flows
Aslan Askarov, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 4134, p. 353-369
Paper i proceeding
2006
Security for Multithreaded Programs under Cooperative Scheduling
Alejandro Russo, Andrei Sabelfeld
Proceedings of Andrei Ershov International Conference on Perspectives of System Informatics, Akademgorodok, Novosibirsk, Russia, June 27-30, 2006. LNCS, Springer-Verlag.
Paper i proceeding
2006
Enforcing Robust Declassification and Qualified Robustness
Andrew Myers, Andrei Sabelfeld, Steve Zdancewic
Journal of Computer Security. Vol. 14 (2), p. 157-196
Artikel i vetenskaplig tidskrift
2005
Secure Implementation of Cryptographic Protocols: A Case Study of Mutual Distrust
Aslan Askarov, Andrei Sabelfeld
Rapport
2005
Proceedings of FCS'05 Workshop on Foundations of Computer Security
Andrei Sabelfeld
Samlingsverk (redaktörskap)
2005
Bridging Language-Based and Process Calculi Security
Riccardo Focardi, Sabina Rossi, Andrei Sabelfeld
Proceedings of Foundations of Software Science and Computation Structures (FOSSACS'05),. Vol. LNCS (3441), p. 299-315
Paper i proceeding
2005
Security-typed languages for implementation of cryptographic protocols: A case study
Aslan Askarov, Andrei Sabelfeld
Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS' 2005), LNCS. Vol. 3679, p. 197-221
Paper i proceeding
2005
Dimensions and Principles of Declassification
Andrei Sabelfeld, David Sands
Proceedings of the 18th IEEE Computer Security Foundations Workshop
Paper i proceeding
2004
Proceedings of Workshop on Foundations of Computer Security
Andrei Sabelfeld
Samlingsverk (redaktörskap)
2004
Proceedings of FCS'04 Workshop on Foundations of Computer Security
Andrei Sabelfeld
Samlingsverk (redaktörskap)
2004
A Model for Delimited Information Release
Andrei Sabelfeld, Andrew Myers
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 3233, p. 174-191
Artikel i vetenskaplig tidskrift
2004
Enforcing Robust Declassification
Andrew Myers, Andrei Sabelfeld, Steve Zdancewic
Proceedings of the 17th IEEE Computer Security Foundations Workshop / edited by Riccardo Focardi, p. 172--186-
Paper i proceeding
2001
A Per Model of Secure Information Flow in Sequential Programs
Andrei Sabelfeld, David Sands
Higher-Order and Symbolic Computation. Vol. 14 (1), p. 59-91
Artikel i vetenskaplig tidskrift
2000
Probabilistic Noninterference for Multi-threaded Programs
Andrei Sabelfeld, David Sands
Proceedings of the 13th IEEE Computer Security Foundations Workshop, p. 200-214
Paper i proceeding
Visar 8 forskningsprojekt
2019–2022
Principiell säkerhet för framväxande applikationsdomäner
Andrei Sabelfeld
Informationssäkerhet
Vetenskapsrådet (VR)
2018–2020
FlowShield: Securing Web Applications by Information Flow Tracking
Andrei Sabelfeld
Informationssäkerhet
Europeiska forskningsrådet (ERC)
2018–2023
WebSec: Säkerhet i webb-drivna system
Andrei Sabelfeld
Informationssäkerhet
David Sands
Informationssäkerhet
Alejandro Russo
Informationssäkerhet
Stiftelsen för Strategisk forskning (SSF)
2016–2016
FlexCSP - Putting Content Security Policy to work for Practical Web Applications
Andrei Sabelfeld
Programvaruteknik, Grupp A
Google Ireland Ltd
2015–2018
AppFlow
David Sands
Programvaruteknik
Andrei Sabelfeld
Informationssäkerhet
Alejandro Russo
Informationssäkerhet
Niklas Broberg
Informationssäkerhet
Vetenskapsrådet (VR)
2015–2018
DecentLP: Robust decentraliserad plats-sekretess
Andrei Sabelfeld
Programvaruteknik
Vetenskapsrådet (VR)
2013–2017
Programming Language-Based Security To Rescue (PROSECUTOR)
Andrei Sabelfeld
Programvaruteknik
Europeiska kommissionen (FP7)
2012–2016
Informationsdriven säker Business Intelligence (DataBIN)
David Sands
Programvaruteknik
Devdatt Dubhashi
Datavetenskap
Peter Damaschke
Datavetenskap
Gerardo Schneider
Programvaruteknik
Olof Mogren
Datavetenskap
Raul Pardo Jimenez
Programvaruteknik
Hamid Ebadi Tavallaei
Programvaruteknik
Fredrik Johansson
Datavetenskap
Andrei Sabelfeld
Programvaruteknik
Stiftelsen för Strategisk forskning (SSF)
Det kan finnas fler projekt där Andrei Sabelfeld medverkar, men du måste vara inloggad som anställd på Chalmers för att kunna se dem.