We describe a new, dynamic, floating-label approach to language-based information flow
control, and present an implementation in Haskell. A labeled IO monad, LIO, keeps track of a …

Abstract Information-flow control tracks how information propagates through the program
during execution to make sure that the program handles the information securely. Secure …

Information-Flow Control (IFC) is a well-established approach for allowing untrusted code to
manipulate sensitive data without disclosing it. IFC is typically enforced via type systems and …

Protecting confidentiality of data has become increasingly important for computing systems.
Information-flow techniques have been developed over the years to achieve that purpose …

Nickel is a framework that helps developers design and verify information flow control
systems by systematically eliminating covert channels inherent in the interface, which can be …

The idea of building secure systems by plugging together" secure''components is appealing,
but this requires a definition of security which, in addition to taking care of top-level security …

Abstract Information flow control allows untrusted code to access sensitive and trustworthy
information without leaking this information. However, the presence of covert channels …

When termination of a program is observable by an adversary, confidential information may
be leaked by terminating accordingly. While this termination covert channel has limited …

For several decades, researchers from different communities have independently focused
on protecting confidentiality of data. Two distinct technologies have emerged for such …

Though Haskell is predominantly type-safe, implementations contain a few loopholes
through which code can bypass ty** and module encapsulation. This paper presents Safe …