Andrei Sabelfeld

Professor vid Chalmers, Data- och informationsteknik, Informationssäkerhet

Visar 87 publikationer

2019

Latex Gloves: Protecting Browser Extensions from Probing and Revelation Attacks

Alexander Sjösten, Steven Van Acker, Pablo Picazo-Sanchez et al
Paper i proceeding
2018

Tracking Information Flow via Delayed Output: Addressing Privacy in IoT and Emailing Apps

Iulia Bastys, Frank Piessens, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 11252 LNCS, p. 19-37
Paper i proceeding
2018

Assuring BetterTimes

Per Hallgren, Ravi Kishore, Martin Ochoa et al
Journal of Computer Security. Vol. 26 (4), p. 557-587
Artikel i vetenskaplig tidskrift
2018

Information Flow Tracking for Side-Effectful Libraries

Alexander Sjösten, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 10854, p. 141-160
Paper i proceeding
2018

Raising the bar: Evaluating origin-wide security manifests

Steven Van Acker, Daniel Hausknecht, Andrei Sabelfeld
Proceedings of the 34th Annual Computer Security Applications Conference, p. 342-354
Paper i proceeding
2018

Prudent Design Principles for Information Flow Control

Iulia Bastys, Frank Piessens, Andrei Sabelfeld
Proceedings of the 13th Workshop on Programming Languages and Analysis for Security, PLAS 2018, p. 17-23
Paper i proceeding
2018

If This Then What? Controlling Flows in IoT Apps

Iulia Bastys, Musard Balliu, Andrei Sabelfeld
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, p. 1102-1119
Paper i proceeding
2017

We are family: Relating information-flow trackers

Musard Balliu, Daniel Schoepe, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 10492 LNCS, p. 124-145
Paper i proceeding
2017

Special issue on verified information flow security

Toby Murray, Andrei Sabelfeld, Lujo Bauer
Journal of Computer Security. Vol. 25 (05-apr), p. 319-321
Artikel i övriga tidskrifter
2017

Measuring login webpage security

Steven Van Acker, Daniel Hausknecht, Andrei Sabelfeld
Proceedings of the ACM Symposium on Applied Computing. Vol. Part F128005, p. 1753-1760
Paper i proceeding
2017

PrivatePool: Privacy-Preserving Ridesharing

Per Hallgren, Claudio Orlandi, Andrei Sabelfeld
Proceedings - IEEE Computer Security Foundations Symposium, p. 276-291
Paper i proceeding
2017

Privacy-Preserving Location-Proximity for Mobile Apps

S. Stirbys, O.A. Nabah, Per Hallgren et al
Proceedings - 2017 25th Euromicro International Conference on Parallel, Distributed and Network-Based Processing, PDP 2017, p. 337-345
Paper i proceeding
2017

A Principled Approach to Tracking Information Flow in the Presence of Libraries

Daniel Hedin, Alexander Sjösten, Frank Piessens et al
Lecture Notes in Computer Science. Vol. 10204, p. 49-70
Paper i proceeding
2017

Discovering Browser Extensions via Web Accessible Resources

Alexander Sjösten, Steven Van Acker, Andrei Sabelfeld
CODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Applications Security and Privacy, p. 329-336
Paper i proceeding
2016

Web Application Security using JSFlow

Daniel Hedin, Andrei Sabelfeld
2015 17th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing, p. 16-19
Konferensbidrag (offentliggjort, men ej förlagsutgivet)
2016

Javascript sandboxing: Isolating and restricting client-side javascript

Steven Van Acker, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 9808, p. 32-86
Artikel i övriga tidskrifter
2016

Location-enhanced authentication using the IoT because you cannot be in two places at once

I. Agadakos, Per Hallgren, D. Damopoulos et al
ACM International Conference Proceeding Series. Vol. 5, p. 251-264
Paper i proceeding
2016

Data Exfiltration in the Face of CSP

Steven Van Acker, Daniel Hausknecht, Andrei Sabelfeld
Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, p. 853-864
Paper i proceeding
2016

Secure multi-execution: Fine-grained, declassification-aware, and transparent

Willard Thor Rafnsson, Andrei Sabelfeld
Journal of Computer Security. Vol. 24 (1), p. 39-90
Artikel i vetenskaplig tidskrift
2016

Progress-sensitive security for SPARK

Willard Thor Rafnsson, D. Garg, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 9639, p. 20-37
Paper i proceeding
2016

MaxPace: Speed-Constrained Location Queries

Per Hallgren, Martin Ochoa, Andrei Sabelfeld
Proceedings of the IEEE Conference on Communications and Network Security (CNS), p. 136-144
Paper i proceeding
2016

Let’s face it: Faceted values for taint tracking

Daniel Schoepe, Musard Balliu, Frank Piessens et al
Lecture Notes in Computer Science. Vol. 9878 LNCS, 2016, p. 561-580
Paper i proceeding
2016

Explicit Secrecy: A Policy for Taint Tracking

Daniel Schoepe, Musard Balliu, B. C. Pierce et al
1st IEEE European Symposium on Security and Privacy (Euro S&P), Saarbruecken, Germany, Mar 21-24, 2016, p. 15-30
Paper i proceeding
2016

Information-flow security for JavaScript and its APIs

Daniel Hedin, Luciano Bello, Andrei Sabelfeld
Journal of Computer Security. Vol. 24 (2), p. 181-234
Artikel i vetenskaplig tidskrift
2016

JSLINQ: Building secure applications across tiers

Musard Balliu, Benjamin Liebe, Daniel Schoepe et al
6th ACM Conference on Data and Application Security and Privacy, CODASPY 2016; New Orleans; United States; 9 March 2016 through 11 March 2016, p. 307-318
Paper i proceeding
2016

Location-enhanced Authentication using the IoT

Ioannis Agadakos, Per Hallgren, Georgios Portokalidis et al
Proceedings of the Annual Computer Security Applications Conference (ACSAC)
Paper i proceeding
2015

Password meters and generators on the web: From large-scale empirical study to getting it right

Steven Van Acker, Daniel Hausknecht, W. Joosen et al
CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, p. 253-262
Paper i proceeding
2015

Value Sensitivity and Observable Abstract Values for Information Flow Control

Luciano Bello, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 9450, p. 63-78
Paper i proceeding
2015

Understanding and Enforcing Opacity

Daniel Schoepe, Andrei Sabelfeld
28th IEEE Computer Security Foundations Symposium, CSF 2015, Verona, Italy, 13 July-17 July. Vol. 2015-September, p. 539-553
Paper i proceeding
2015

Value-sensitive Hybrid Information Flow Control for a JavaScript-like Language

Daniel Hedin, Luciano Bello, Andrei Sabelfeld
28th IEEE Computer Security Foundations Symposium, CSF 2015, Verona, Italy, 13-17 July. Vol. 2015-September, p. 351-365
Paper i proceeding
2015

May I? - Content Security Policy Endorsement for Browser Extensions

Daniel Hausknecht, Jonas Magazinius, Andrei Sabelfeld
Lecture Notes in Computer Science, p. 261-281
Paper i proceeding
2015

BetterTimes: Privacy-assured Outsourced Multiplications for Additively Homomorphic Encryption on Finite Fields

Per Hallgren, Martin Ochoa, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 9451, p. 291-309
Paper i proceeding
2015

InnerCircle: A Parallelizable Decentralized Privacy-Preserving Location Proximity Protocol

Per Hallgren, Martin Ochoa, Andrei Sabelfeld
Proceedings of the International Conference on Privacy, Security and Trust (PST), p. 1-6
Paper i proceeding
2014

JSFlow: Tracking Information Flow in JavaScript and its APIs

Daniel Hedin, Luciano Bello, Andrei Sabelfeld
Proceedings of the ACM Symposium on Applied Computing (SAC), p. 1663-1671
Paper i proceeding
2014

Compositional Information-flow Security for Interactive Systems

Willard Thor Rafnsson, Andrei Sabelfeld
27th IEEE Computer Security Foundations Symposium, CSF 2014, Vienna, Austria, 19-22 July 2014, p. 277-292
Paper i proceeding
2014

SeLINQ: Tracking information across application-database boundaries

Daniel Schoepe, Daniel Hedin, Andrei Sabelfeld
SIGPLAN Notices (ACM Special Interest Group on Programming Languages). Vol. 49 (9), p. 25-38
Paper i proceeding
2014

Architectures for Inlining Security Monitors in Web Application

Jonas Magazinius, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 8364, p. 141-160
Paper i proceeding
2013

Secure multi-execution: Fine-grained, declassification-aware, and transparent

Willard Thor Rafnsson, Andrei Sabelfeld
Proceedings of the Computer Security Foundations Workshop, p. 33-48
Paper i proceeding
2013

GlassTube

Per Hallgren, Daniel T. Mauritzson, Andrei Sabelfeld
PLAS '13 (ACM SIGPLAN workshop on Programming languages and analysis for security). Seattle , WA, USA. June 16-19, 2013. Vol. 8, p. 71-82
Paper i proceeding
2013

Securing Class Initialization in Java-like Languages

Willard Thor Rafnsson, K. Nakata, Andrei Sabelfeld
IEEE Transactions on Dependable and Secure Computing. Vol. 10 (1), p. 1-13
Artikel i vetenskaplig tidskrift
2013

Polyglots: Crossing Origins by Crossing Formats

Jonas Magazinius, Billy Rios, Andrei Sabelfeld
ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, Berlin, Germany, 4-8 November 2013, p. 753-764
Paper i proceeding
2012

Securing interactive programs

Willard Thor Rafnsson, Daniel Hedin, Andrei Sabelfeld
Proceedings of the Computer Security Foundations Symposium, p. 293-307
Paper i proceeding
2012

Boosting the Permissiveness of Dynamic Information-Flow Tracking by Testing

Arnar Birgisson, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 7459, p. 55-72
Artikel i vetenskaplig tidskrift
2012

Information-flow security for a core of JavaScript

Daniel Hedin, Andrei Sabelfeld
Proceedings of the Computer Security Foundations Symposium, p. 3-18
Paper i proceeding
2012

On-The-Fly Inlining Of Dynamic Security Monitors

Jonas Magazinius, Alejandro Russo, Andrei Sabelfeld
Computers and Security. Vol. 31 (7), p. 827-843
Artikel i vetenskaplig tidskrift
2011

Capabilities for information flow

Arnar Birgisson, Alejandro Russo, Andrei Sabelfeld
ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, p. article no. 5-
Paper i proceeding
2011

Limiting Information Leakage in Event-based Communication

Willard Thor Rafnsson, Andrei Sabelfeld
ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, p. (Article no. 4)-
Paper i proceeding
2011

Multi-run security

Arnar Birgisson, Andrei Sabelfeld
Lecture Notes in Computer Science, p. 372-391
Paper i proceeding
2011

Decentralized Delimited Release

Jonas Magazinius, Aslan Askarov, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 7078, p. 220-237
Paper i proceeding
2011

A Perspective on Information-Flow Control

Daniel Hedin, Andrei Sabelfeld
Proceedings of the 2011 Marktoberdorf Summer School
Paper i proceeding
2010

Securing Class Initialization

Keiko Nakata, Andrei Sabelfeld
IFIP Advances in Information and Communication Technology. Vol. 321, p. 48-62
Paper i proceeding
2010

A lattice-based approach to mashup security

Jonas Magazinius, Aslan Askarov, Andrei Sabelfeld
5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010; Beijing; 13 April 2010 through 16 April 2010, p. 15-23
Paper i proceeding
2010

Security of Multithreaded Programs by Compilation

Gilles Barthes, T. Rezk, Alejandro Russo et al
ACM Transactions on Information and System Security. Vol. 13 (3)
Artikel i vetenskaplig tidskrift
2010

On-the-fly inlining of dynamic security monitors

Jonas Magazinius, Alejandro Russo, Andrei Sabelfeld
IFIP Advances in Information and Communication Technology. Vol. 330, p. 173-186
Paper i proceeding
2010

Unifying Facets of Information Integrity

Arnar Birgisson, Alejandro Russo, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 6503, p. 48-65
Paper i proceeding
2010

Dynamic vs. Static Flow-Sensitive Security Analysis

Alejandro Russo, Andrei Sabelfeld
Proceedings of the IEEE Computer Security Foundations Symposium, p. 186-199
Paper i proceeding
2009

Secuirty of Multithreaded Programs by Compilation

Gilles Barthe, Tamara Rezk, Alejandro Russo et al
Special Issue of ACM Transactions on Information and System Security (TISSEC)
Artikel i vetenskaplig tidskrift
2009

Declassification: Dimensions and Principles

Andrei Sabelfeld, David Sands
Journal of Computer Security. Vol. 17 (5), p. 517-548
Artikel i vetenskaplig tidskrift
2009

Implicit flows in malicious and nonmalicious code

Alejandro Russo, Andrei Sabelfeld, Li Keqin
Proceedings of the 2009 Marktoberdorf Summer School, IOS Press
Paper i proceeding
2009

Securing Timeout Instructions in Web Applications

Alejandro Russo, Andrei Sabelfeld
Proceedings of the 22th IEEE Computer Security Foundations Symposium
Paper i proceeding
2009

Catch Me If You Can: Permissive Yet Secure Error Handling

Aslan Askarov, Andrei Sabelfeld
ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Paper i proceeding
2009

Tight Enforcement of Information-Release Policies for Dynamic Languages

Aslan Askarov, Andrei Sabelfeld
2009 22nd IEEE Computer Security Foundations Symposium, CSF 2009; Port Jefferson, NY; United States; 8 July 2009 through 10 July 2009, p. 43-59
Paper i proceeding
2009

From dynamic to static and back: Riding the roller coaster of information-flow control research

Andrei Sabelfeld, Alejandro Russo
Lecture Notes in Computer Science. Vol. 5947, p. 352-365
Paper i proceeding
2009

Tracking Information Flow in Dynamic Tree Structures

Alejandro Russo, Andrei Sabelfeld, Andrey Chudnov
Lecture Notes in Computer Science, p. 86-103
Paper i proceeding
2009

Securing Interaction between Threads and the Scheduler in the Presence of Synchronization

Alejandro Russo, Andrei Sabelfeld
Journal of Logic and Algebraic Programming. Vol. 78 (7), p. 593-618
Artikel i vetenskaplig tidskrift
2008

Termination-Insensitive Noninterference Leaks More Than Just a Bit.

Aslan Askarov, Sebastian Hunt, Andrei Sabelfeld et al
Lecture Notes in Computer Science. Vol. 5283, p. 333-348
Paper i proceeding
2008

Cryptographically-Masked Flows

Aslan Askarov, Daniel Hedin, Andrei Sabelfeld
Theoretical Computer Science. Vol. 402 (2-3), p. 82-101
Artikel i vetenskaplig tidskrift
2007

Security of Multithreaded Programs by Compilation

Gilles Barthe, Tamara Rezk, Alejandro Russo et al
Lecture Notes in Computer Science. Vol. 4734, p. 2-18
Paper i proceeding
2007

Localized Delimited Release: Combining the What and Where Dimensions of Information Release

Aslan Askarov, Andrei Sabelfeld
ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, p. 53-60
Paper i proceeding
2007

Closing Internal Timing Channels by Transformation

Alejandro Russo, John Hughes, David Naumann et al
Proceedings of the 11th Annual Asian Computing Science Conference
Paper i proceeding
2007

Gradual Release: Unifying Declassification, Encryption and Key Release Policies

Aslan Askarov, Andrei Sabelfeld
Proceedings of the IEEE Symposium on Security and Privacy, p. 207-227
Paper i proceeding
2006

Securing Interaction between Threads and the Scheduler

Alejandro Russo, Andrei Sabelfeld
Proceedings of the 19th IEEE Computer Security Foundations Workshop, Venice, Italy, July 5-7, 2006. IEEE Computer Society Press.
Paper i proceeding
2006

Cryptographically-Masked Flows

Aslan Askarov, Daniel Hedin, Andrei Sabelfeld
Lecture Notes in Computer Science. Vol. 4134, p. 353-369
Paper i proceeding
2006

Security for Multithreaded Programs under Cooperative Scheduling

Alejandro Russo, Andrei Sabelfeld
Proceedings of Andrei Ershov International Conference on Perspectives of System Informatics, Akademgorodok, Novosibirsk, Russia, June 27-30, 2006. LNCS, Springer-Verlag.
Paper i proceeding
2006

Enforcing Robust Declassification and Qualified Robustness

Andrew Myers, Andrei Sabelfeld, Steve Zdancewic
Journal of Computer Security. Vol. 14 (2), p. 157-196
Artikel i vetenskaplig tidskrift
2005

Proceedings of FCS'05 Workshop on Foundations of Computer Security

Andrei Sabelfeld
Samlingsverk (redaktörskap)
2005

Bridging Language-Based and Process Calculi Security

Riccardo Focardi, Sabina Rossi, Andrei Sabelfeld
Proceedings of Foundations of Software Science and Computation Structures (FOSSACS'05),. Vol. LNCS (3441), p. 299-315
Paper i proceeding
2005

Security-typed languages for implementation of cryptographic protocols: A case study

Aslan Askarov, Andrei Sabelfeld
Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS' 2005), LNCS. Vol. 3679, p. 197-221
Paper i proceeding
2005

Dimensions and Principles of Declassification

Andrei Sabelfeld, David Sands
Proceedings of the 18th IEEE Computer Security Foundations Workshop
Paper i proceeding
2004

Proceedings of Workshop on Foundations of Computer Security

Andrei Sabelfeld
Samlingsverk (redaktörskap)
2004

Proceedings of FCS'04 Workshop on Foundations of Computer Security

Andrei Sabelfeld
Samlingsverk (redaktörskap)
2004

A Model for Delimited Information Release

Andrei Sabelfeld, Andrew Myers
Lecture Notes in Computer Science. Vol. 3233, p. 174-191
Artikel i vetenskaplig tidskrift
2004

Enforcing Robust Declassification

Andrew Myers, Andrei Sabelfeld, Steve Zdancewic
Proceedings of the 17th IEEE Computer Security Foundations Workshop / edited by Riccardo Focardi, p. 172--186-
Paper i proceeding
2001

A Per Model of Secure Information Flow in Sequential Programs

Andrei Sabelfeld, David Sands
Higher-Order and Symbolic Computation. Vol. 14 (1), p. 59-91
Artikel i vetenskaplig tidskrift
2000

Probabilistic Noninterference for Multi-threaded Programs

Andrei Sabelfeld, David Sands
Proceedings of the 13th IEEE Computer Security Foundations Workshop, p. 200-214
Paper i proceeding

Spara referenser

Om du har installerat Zotero eller Mendeley på din dator kan du direkt ta ut referenser från de publikationer du ser i listan.

Du laddar ner dessa pluginer här:
Zotero
Mendeley

Visar 6 forskningsprojekt

2018–2023

WebSec: Säkerhet i webb-drivna system

Andrei Sabelfeld Informationssäkerhet
Alejandro Russo Informationssäkerhet
David Sands Informationssäkerhet
Stiftelsen för Strategisk forskning (SSF)

2016–2016

FlexCSP - Putting Content Security Policy to work for Practical Web Applications

Andrei Sabelfeld Programvaruteknik, Grupp A
Google Ireland Ltd

2015–2018

AppFlow

David Sands Programvaruteknik
Andrei Sabelfeld Informationssäkerhet
Alejandro Russo Informationssäkerhet
Niklas Broberg Informationssäkerhet
Vetenskapsrådet (VR)

2015–2018

DecentLP: Robust decentraliserad plats-sekretess

Andrei Sabelfeld Programvaruteknik
Vetenskapsrådet (VR)

2013–2017

Programming Language-Based Security To Rescue (PROSECUTOR)

Andrei Sabelfeld Programvaruteknik
Europeiska kommissionen (FP7)

2012–2016

Informationsdriven säker Business Intelligence (DataBIN)

David Sands Programvaruteknik
Devdatt Dubhashi Datavetenskap
Peter Damaschke Datavetenskap
Gerardo Schneider Programvaruteknik
Olof Mogren Datavetenskap
Raul Pardo Jimenez Programvaruteknik
Hamid Ebadi Tavallaei Programvaruteknik
Fredrik Johansson Datavetenskap
Andrei Sabelfeld Programvaruteknik
Stiftelsen för Strategisk forskning (SSF)

Det kan finnas fler projekt där Andrei Sabelfeld medverkar, men du måste vara inloggad som anställd på Chalmers för att kunna se dem.

Feedback och support

Om du har frågor, behöver hjälp, hittar en bugg eller vill ge feedback kan du göra det här nedan. Du når oss också direkt per e-post research.lib@chalmers.se eller via telefon 031-772 3744.

Om tjänsten

Research.chalmers.se innehåller information om forskning på Chalmers, publikationer och projekt inklusive information om finansiärer och samarbetspartners.

Läs mer om tjänsten, täckningsgrad och vilka som kan se informationen

Länkar

Chalmers bibliotek
Chalmers forskning
Forskningsprojekt på chalmers.se

Chalmers tekniska högskola

412 96 GÖTEBORG
TELEFON: 031-772 10 00
WWW.CHALMERS.SE