Abstract Information-flow control tracks how information propagates through the program
during execution to make sure that the program handles the information securely. Secure …

This paper studies the problem of securing information release in dynamic languages. We
propose (i) an intuitive framework for information-release policies expressing both what can …

This paper introduces a novel runtime verification technique for a rich sub-class of Clarkson
and Schneider's hyperproperties. The primary application of such properties is in expressing …

Many programs operate reactively--patiently waiting for user input, running for a while
producing output, and eventually returning to a state where they are ready to accept another …

Industries and governments are increasingly compelled by regulations and public pressure
to handle sensitive information responsibly. Regulatory requirements and user expectations …

Hyperproperties are properties whose reasoning involve sets of traces. Examples of
hyperproperties include information-flow security properties, properties of coding/decoding …

Taint tracking is a popular security mechanism for tracking data-flow dependencies, both in
high-level languages and at the machine code level. But despite the many taint trackers in …

Recently, much progress has been made on achieving information-flow security via secure
multi-execution. Secure multi-execution (SME) is an elegant way to enforce security by …

Abstract Analysis of complex security and privacy policies (eg, information flow) involves
reasoning about multiple execution traces. This stems from the fact that an external observer …

In systems that handle confidential information, the security policy to enforce on information
frequently changes: new users join the system, old users leave, and sensitivity of data …