Part I of this book is a practical introduction to working with the Isabelle proof assistant. It
teaches you how to write functional programs and inductive definitions and how to prove …

This paper seeks to answer fundamental questions about trade-offs between static and
dynamic security analysis. It has been previously shown that flow-sensitive static information …

Tracking information flow in dynamic languages remains an important and intricate problem.
This paper makes substantial headway toward understanding the main challenges and …

We describe a new, dynamic, floating-label approach to language-based information flow
control, and present an implementation in Haskell. A labeled IO monad, LIO, keeps track of a …

Security concerns are widely seen as an obstacle to the adoption of cloud computing
solutions. Information Flow Control (IFC) is a well understood Mandatory Access Control …

Abstract Information-flow control tracks how information propagates through the program
during execution to make sure that the program handles the information securely. Secure …

A key challenge in dynamic information flow analysis is handling implicit flows, where code
conditional on a private variable updates a public variable x. The naive approach of …

This paper studies the problem of securing information release in dynamic languages. We
propose (i) an intuitive framework for information-release policies expressing both what can …

We develop the first language-based, Privacy by Design approach that provides support for
a rich class of privacy policies. The policies are user-defined, rather than programmer …

Information-Flow Control (IFC) is a well-established approach for allowing untrusted code to
manipulate sensitive data without disclosing it. IFC is typically enforced via type systems and …