Development of technology, progress and increase of information flow have the impact also on the development of enterprises and require rapid changes in their information systems. The growth and complexity of functionality that they currently should face cause that their design and realization become the difficult tasks and strategic for the enterprises at the same time. The informations system...

We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an imperative interactive language. Progress-sensitive information-flow control is a strong information security guarantee which ensures that a program’s progress (or lack of) does not leak information. Flow-sensitivity means that this strong security guarantee is enforced fairly precisely: we trac...

Privacy and integrity concerns have been mounting in recent years as sensitive data such asmedical records, social network records, and corporate and government secrets are increasingly being stored in online systems. The rate of high-profile breaches has illustrated that current techniques are inadequate for protecting sensitive information. Many of these breaches involve databases that handle...

The ATM Forum has chosen the rate-based approach for ow control of ABR (Available Bit Rate) traac in ATM. It is based on a reactive approach whereby the transmission rate of ABR sources can be adapted to the available bandwidth at a bottleneck link. The ATM forum has speciied the behavior of the source and destination, as well as the manner in which feedback information (on the available bandwi...

Modern web applications heavily rely on JavaScript code executing in the browser. These web scripts are useful for instance for improving the interactivity and responsiveness of web applications, and for gathering web analytics data. However, the execution of server-provided code in the browser also brings substantial security and privacy risks. Web scripts can access a fair amount of sensitive...

Sometimes Web sites fail in the worst ways. They can reveal private data that can never be retracted [60, 72, 78, 79]. Or they can succumb to vandalism, and subsequently show corrupt data to users [27]. Blame can fall on the off-the-shelf software that runs the site (e.g., the operating system, the application libraries, the Web server, etc.), but more frequently (as in the above references), t...

• Java runtime library shrinking: only includes necessary reachable classes • Classification of common coding patterns that are safe, but fail static analysis • Use of aspect-oriented weaving tools to intercept call paths that have not been whitelisted by to static analysis or manual examination • Investigating just-in-time application of I-JVM's static field techniques • Appreciation that the ...

Websites today routinely combine JavaScript from multiple sources, both trusted and untrusted. Hence, JavaScript security is of paramount importance. A specific interesting problem is information flow control (IFC) for JavaScript. In this paper, we develop, formalize and implement a dynamic IFC mechanism for the JavaScript engine of a production Web browser (specifically, Safari’s WebKit engine...

The growing use of mobile code in downloaded programs such as applets and servlets has increased interest in robust mechanisms for ensuring privacy and secrecy. Common security mechanisms such as sandboxing and access control are either too restrictive or too weak—they prevent applications from sharing data usefully, or allow private information to leak. For example, security mechanisms in Java...

J,;6%7%9%F%‘$K$*$1$k>pJsN.@)8f 0BED >;;K N)@n 7I9T BlBt @? El5~EE5!Bg3XM}9)3XIt7P1D9)3X2J J,;61~MQ$O!"J#?t$N%*%V%8%’%/%H$+$i$J$k%0%k!<%W$,DL?.LV$rDL$8$F%a%C%;!<%8$N8r49$r9T$&$3$H$G]7?A‘:n1i;;$NBP$K$h$jI=8=$5$l!"%*%V%8%’%/%H$K$h$jDs6!$5$l$kA‘ 1i;;$rDL$7$F$N$_A‘:n$9$k$3$H$,$G$-$k!#$^$?!"A‘:n1i;;$O$5$i$KB>$N%*%V%8%’%/%H$,Ds6!$9$kA‘:n1i;;$r $S=P$9$3$H$,$"$k...