, Measuring Information Leakage Using Generalized Gain Functions, 2012 IEEE 25th Computer Security Foundations Symposium (CSF) IEEE, 2012. [AF09] Thomas H Austin and Cormac Flanagan. Efficient purelydynamic information flow analysis. SIGPLAN Notices, pp.265-279, 2009.
, Permissive Dynamic Information Flow Analysis, PLAS '10: Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, pp.1-12, 2010.
, Termination-Insensitive Noninterference Leaks More Than Just a Bit, Computer Security -ESORICS 2008, 2008.
DOI : 10.3233/JCS-1996-42-304
, Moniteur hybride de flux d'information pour un langage supportant des pointeurs, SARSSI -8` eme Conférence sur la Sécurité des Architectures Réseaux et des Systèmes d'Information, 2013.
URL : https://hal.archives-ouvertes.fr/hal-00909293
, Program Transformation for Non-interference Verification on Programs with Pointers, Security and Privacy Protection in Information Processing Systems, pp.231-244, 2013.
DOI : 10.1007/978-3-642-33826-7_16
URL : https://hal.archives-ouvertes.fr/hal-00814671
, System-level non-interference for BIBLIOGRAPHY constant-time cryptography. IACR Cryptology ePrint Archive Hybrid information flow monitoring against web tracking, Computer Security Foundations Symposium (CSF), pp.422-2013, 2013.
, Quantitative Notions of Leakage for One-try Attacks, Electronic Notes in Theoretical Computer Science, vol.249, pp.75-91, 2009.
DOI : 10.1016/j.entcs.2009.07.085
URL : https://hal.archives-ouvertes.fr/inria-00424852
, Secure information flow by self-composition, Computer Security Foundations Workshop Proceedings. 17th IEEE, pp.100-114, 2004.
DOI : 10.1109/csfw.2004.1310735
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.378.849
, Secure information flow by self-composition, Mathematical Structures in Computer Science, vol.4, issue.06, pp.1207-1252, 2011.
DOI : 10.1145/5397.5399
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.378.849
, Automatic Discovery and Quantification of Information Leaks, 2009 30th IEEE Symposium on Security and Privacy, pp.141-153, 2009.
DOI : 10.1109/SP.2009.18
, Mechanized Semantics for the Clight Subset of the C Language, Journal of Automated Reasoning, vol.29, issue.6, pp.263-288, 2009.
DOI : 10.1007/s10817-009-9148-3
URL : https://hal.archives-ouvertes.fr/inria-00352524
, A certified lightweight non-interference Java bytecode verifier, Mathematical Structures in Computer Science, vol.11, issue.05, pp.1032-1081, 2013.
DOI : 10.1109/JSAC.2002.806121
URL : https://hal.archives-ouvertes.fr/hal-00915189
, Preventing Timing Leaks Through Transactional Branching Instructions, Electronic Notes in Theoretical Computer Science, vol.153, issue.2, pp.33-55, 2006.
DOI : 10.1016/j.entcs.2005.10.031
, Static determination of dynamic properties of programs, Proceedings of the second International Symposium on Programming, pp.106-130, 1976.
, Abstract interpretation, Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages , POPL '77, pp.238-252, 1977.
DOI : 10.1145/512950.512973
URL : https://hal.archives-ouvertes.fr/hal-01108790
, Constructive versions of Tarski???s fixed point theorems, Pacific Journal of Mathematics, vol.82, issue.1, pp.43-57, 1979.
DOI : 10.2140/pjm.1979.82.43
, Systematic design of program analysis frameworks, Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages , POPL '79, pp.269-282, 1979.
DOI : 10.1145/567752.567778
, Higher-order abstract interpretation (and application to comportment analysis generalizing strictness, termination, projection and PER analysis of functional languages), Proceedings of 1994 IEEE International Conference on Computer Languages (ICCL'94), pp.95-112, 1994.
DOI : 10.1109/ICCL.1994.288389
, Combination of Abstractions in the ASTRÉEASTR´ASTRÉE Static Analyzer, Programming Languages and Systems, pp.272-300
, Orna Grumberg, and Doron Peled. Model Checking, 1999.
, Automatic discovery of linear restraints among variables of a program, Proceedings of the 5th ACM SIGACT-SIGPLAN symposium on Principles of programming languages , POPL '78, pp.84-96, 1978.
DOI : 10.1145/512760.512770
, A static analysis for quantifying information flow in a simple imperative language, Journal of Computer Security, vol.15, issue.3, pp.321-371, 2007.
DOI : 10.3233/JCS-2007-15302
, Virgile Prevosto , Julien Signoles, and Boris Yakobowski. Frama-C: A Program Analysis Perspective. Software Engineering and Formal Methods, pp.233-247, 2012.
, Quantitative Information Flow, Relations and Polymorphic Types, Journal of Logic and Computation, vol.15, issue.2, pp.181-199, 2005.
DOI : 10.1093/logcom/exi009
, Preventing Information Leaks through Shadow Executions, 2008 Annual Computer Security Applications Conference (ACSAC), pp.322-331, 2008.
DOI : 10.1109/ACSAC.2008.50
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.153.5494
, Quantifying information flow with beliefs, Journal of Computer Security, vol.17, pp.655-701, 2009.
, Information Flow Monitor Inlining, 2010 23rd IEEE Computer Security Foundations Symposium, pp.200-214, 2010.
DOI : 10.1109/CSF.2010.21
, Information transmission in computational systems, SOSP '77: Proceedings of the sixth ACM symposium on Operating systems principles, pp.133-139, 1977.
, The calculational design of a generic abstract interpreter, NATO ASI SERIES F COMPUTER AND SYS- TEMS SCIENCES, vol.173, pp.421-506, 1999.
, A Certified Denotational Abstract Interpreter, Interactive Theorem Proving, pp.9-24, 2010.
DOI : 10.1007/978-3-642-14052-5_3
URL : https://hal.archives-ouvertes.fr/inria-00537810
, Elements of Information Theory 2nd Edition, 2006.
, Certification of programs for secure information flow, Communications of the ACM, vol.20, issue.7, pp.504-513, 1977.
DOI : 10.1145/359636.359712
, On the derivation of lattice structured information flow policies, 1976.
, A Lattice Model of Secure Information Flow, Commun. ACM (), vol.19, issue.5, pp.236-243, 1976.
, Cryptography and data security, 1982.
, Noninterference through Secure Multi-execution, 2010 IEEE Symposium on Security and Privacy, pp.109-124, 2010.
DOI : 10.1109/SP.2010.15
URL : https://lirias.kuleuven.be/bitstream/123456789/265429/1/secure-multi-execution-final.pdf
, All Secrets Great and Small, Programming Languages and Systems, pp.207-221
DOI : 10.1007/978-3-642-00590-9_16
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.157.7440
, How Unique Is Your Web Browser?, Privacy Enhancing Technologies, pp.1-18, 2010.
DOI : 10.1007/978-3-642-14527-8_1
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.381.1264
, Min-entropy as a resource, Information and Computation, vol.226, pp.57-75, 2013.
DOI : 10.1016/j.ic.2013.03.005
, The Spirit of Ghost Code, CAV, vol.8559, issue.1, pp.1-16, 2014.
, Analytic combinatorics, 2009.
DOI : 10.1017/CBO9780511801655
URL : https://hal.archives-ouvertes.fr/inria-00072739
, Security Policies and Security Models, IEEE Symposium on Security and Privacy, pp.11-20, 1982.
, Static analysis of arithmetical congruences, International Journal of Computer Mathematics, vol.30, issue.3-4, 1989.
DOI : 10.1145/29873.29875
, On flow-sensitive security types, POPL '06: Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp.79-90, 2006.
, A Perspective on Information-Flow Control. Software Safety and Security, pp.319-347, 1987.
, Virgile Prevosto, Julien Signoles, and Boris Yakobowski. Frama-C: A Software Analysis Perspective, Formal Aspects of Computing, pp.1-37, 2015.
, Certification of Compiler Optimizations Using Kleene Algebra with Tests, Computational Logic, pp.1861568-582, 2000.
, Approximation and Randomization for Quantitative Information-Flow Analysis, 2010 23rd IEEE Computer Security Foundations Symposium, pp.3-14, 2010.
DOI : 10.1109/CSF.2010.8
, Automation of Quantitative Information-Flow Analysis, SFM, vol.21, issue.1, pp.79381-79409, 2013.
DOI : 10.1007/978-3-642-00596-1_21
, How to Write a Proof, The American Mathematical Monthly, vol.102, issue.7, pp.600-608, 1995.
DOI : 10.2307/2974556
, More enforceable security policies. Foundations of Computer Security Workshop, 2002.
, Edit automata: enforcement mechanisms for run-time security policies, International Journal of Information Security, vol.3, issue.1-2, pp.2-16, 2005.
DOI : 10.1007/s10207-004-0046-8
, Formal verification of a realistic compiler, Communications of the ACM, vol.52, issue.7, pp.107-115, 2009.
DOI : 10.1145/1538788.1538814
URL : https://hal.archives-ouvertes.fr/inria-00415861
, Automaton-based Confidentiality Monitoring of Concurrent Programs. CSF, pp.218-232, 2007.
URL : https://hal.archives-ouvertes.fr/inria-00161019
, Precise dynamic verification of confidentiality, Proceedings of the 5th International Verification Workshop in connection with IJCAR 2008, 2008.
, Automata-Based Confidentiality Monitoring, ASIAN'06: Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues, 2006.
DOI : 10.1007/11555827_21
URL : https://hal.archives-ouvertes.fr/inria-00130210
, Assessing security threats of looping constructs, ACM SIGPLAN Notices, pp.225-235
, Risk assessment of security threats for looping constructs*, Journal of Computer Security, vol.18, issue.2, pp.191-228, 2010.
DOI : 10.3233/JCS-2010-0360
, Static Analysis for Efficient Hybrid Information-Flow Control, 2011 IEEE 24th Computer Security Foundations Symposium, pp.146-160, 2011.
DOI : 10.1109/CSF.2011.17
, A general theory of composition for trace sets closed under selective interleaving functions, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy, pp.79-93, 1994.
DOI : 10.1109/RISP.1994.296590
, Symbolic Methods to Enhance the Precision of Numerical Abstract Domains, Verification, Model Checking, and Abstract Interpretation, pp.348-363, 2006.
DOI : 10.1007/11609773_23
, The octagon abstract domain. Higher-order and symbolic computation, pp.31-100, 2006.
, A Calculational Approach to Control-Flow Analysis by Abstract Interpretation, SAS, vol.5079, pp.347-362, 2008.
DOI : 10.1007/978-3-540-69166-2_23
, Dynamic Enforcement of Knowledge-Based Security Policies, 2011 IEEE 24th Computer Security Foundations Symposium, pp.114-128, 2011.
DOI : 10.1109/CSF.2011.15
, Jif: Java Information Flow Software release, 2001.
, Trace Partitioning in Abstract Interpretation Based Static Analyzers, ESOP'05: Proceedings of the 14th European conference on Programming Languages and Systems, pp.5-20, 2005.
DOI : 10.1007/978-3-540-31987-0_2
, Onthe-fly Inlining of Dynamic Security Monitors, Security and Privacy ? Silver Linings in the Cloud, pp.173-186, 2010.
, Onthe-fly inlining of dynamic security monitors, Computers & Security, issue.7, pp.31827-843, 2012.
, Calculating bounds on information leakage using two-bit patterns, Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security, PLAS '11, p.1, 2011.
DOI : 10.1145/2166956.2166957
, Enforcing robust declassification and qualified robustness, Journal of Computer Security, 2006.
, JFlow: Practical Mostly-Static Information Flow Control, pp.228-241, 1999.
, Principles of Program Analysis, 1999.
DOI : 10.1007/978-3-662-03811-6
, A structural approach to operational semantics, 1981.
, A structural approach to operational semantics, J. Log. Algebr. Program. (), vol.60, pp.17-139, 2004.
, Infinite words : automata, semigroups, logic and games
URL : https://hal.archives-ouvertes.fr/hal-00112831
, On measures of entropy and information, the Fourth Berkeley Symposium on Mathematical Statistics and Probability, 1961.
, The trace partitioning abstract domain, ACM Transactions on Programming Languages and Systems, vol.29, issue.5, p.26, 2007.
DOI : 10.1145/1275497.1275501
, Dynamic vs. Static Flow-Sensitive Security Analysis, 2010 23rd IEEE Computer Security Foundations Symposium, pp.186-199, 2010.
DOI : 10.1109/CSF.2010.20
, Enforceable security policies, ACM Transactions on Information and System Security, vol.3, issue.1, pp.30-50, 2000.
, A Mathematical Theory of Communication. The Bell System Technical Journal, pp.379-423, 1948.
, The Flow Caml System: documentation and user's manual Software release, 2003.
, Language-based information-flow security. Selected Areas in Communications, IEEE Journal on, vol.21, issue.1, pp.5-19, 2003.
DOI : 10.1109/jsac.2002.806121
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.10.3979
, A Model for Delimited Information Release, Software Security -Theories and Systems, pp.174-191, 2004.
DOI : 10.1007/978-3-540-37621-7_9
, On the Foundations of Quantitative Information Flow, Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held As Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009, FOSSACS '09, pp.288-302, 2009.
DOI : 10.1137/060651380
, Quantifying Information Flow Using Min-Entropy, 2011 Eighth International Conference on Quantitative Evaluation of SysTems
DOI : 10.1109/QEST.2011.31
, Declassification: Dimensions and principles, Journal of Computer Security, vol.17, issue.5, 2009.
DOI : 10.3233/jcs-2009-0352
URL : http://doi.org/10.3233/jcs-2009-0352
, A lattice-theoretical fixpoint theorem and its applications, Pacific Journal of Mathematics, vol.5, issue.2, pp.285-309, 1955.
DOI : 10.2140/pjm.1955.5.285
, A sound type system for secure flow analysis, Journal of Computer Security, vol.4, issue.2-3, pp.167-187, 1996.
DOI : 10.3233/JCS-1996-42-304
, Eliminating covert flows with minimum typings, Proceedings 10th Computer Security Foundations Workshop, pp.156-168, 1997.
DOI : 10.1109/CSFW.1997.596807
, Verifying secrets and relative secrecy, Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages , POPL '00, pp.268-276, 2000.
DOI : 10.1145/325694.325729
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.152.7333
, The formal semantics of programming languages: an introduction. The formal semantics of programming languages: an introduction, 1993.
, On Bounding Problems of Quantitative Information Flow, Computer Security ? ESORICS 2010, pp.357-372, 2010.
, Quantitative Information Flow - Verification Hardness and Possibilities, 2010 23rd IEEE Computer Security Foundations Symposium, pp.15-27, 2010.
DOI : 10.1109/CSF.2010.9
, On bounding problems of quantitative information flow, Journal of Computer Security, vol.19, issue.6, pp.1029-1082, 2011.
DOI : 10.3233/JCS-2011-0437
, Programming languages for information security, 2002.
, Robust declassification, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001., pp.15-23, 2001.
DOI : 10.1109/CSFW.2001.930133
, A change of variable k ? k ? 1 gives the desired result, knowing that D(a 2 ) = D(x) + 1 by 52 and typing. 58, p.61
, M ? ? v ?(a 1 ,0) (notice that c 2 T also assigns ?(a 1 , 0) But since it just propagates r-values of L L (a 1 ) ? pc which are already propagated by c 0 T , the value of ?(a 1 , 0) keeps being equal
, Proof: Since ?(x, 0) in not modified by T [a 1 = a 2 , pc]. a 1 = a 2 modifies only locations in Loc(P ). c 2 T do not modify ?(x, 0) since E(x) / ? S P (a 1 = a 2 ). c 1 T modifies only pointers and ?(x, 0) is not
, Proof: Since assignment pc ? does not modify neither locations in Loc(P ) nor locations associated to shadow variables defined by Additionally, pc ? = s a ? pc where s a is the result of r-value evaluation of a in