Computer Science ›› 2018, Vol. 45 ›› Issue (6A): 36-40.
• Review • Previous Articles Next Articles
ZHU Hao1,2,CHEN Jian-ping1
CLC Number:
[1]SABELFELD A,SANDS D.Declassification:dimensions and principles[J].Journal of Computer Security,2009,7(5):517-548. [2]姜励.基于程序设计语言的安全降密模型研究[D].杭州:浙江大学,2008. [3]沈昌祥,张大伟,刘吉强,等.可信3.0战略:可信计算的革命性演变[J].中国工程科学,2016,18(6):53-57. [4]沈国华,黄志球,谢冰,等.软件可信评估研究综述:标准、模型与工具[J].软件学报,2016,27(4):955-968. [5]ZHANG L,ZHENGY,KANTOA R.A Review of Homomorphic Encryption and its Applications[C]//Proceedings of the 9th EAI International Conference on Mobile Multimedia Communications.Xi’an,ICST,2016:97-106. [6]VAN DIJK M,JUELS A.On the impossibility of cryptography alone for privacy-preserving cloud computing[C]∥5th USENIX Conference on Hot topics in security (HotSec’10).Washington,USENIX Association,2010:1-8. [7]SABELFELD A,MYERS A C.Language-based information flow security[J].Selected Areas in Communications,2006,21(1):5-19. [8]ALAM MI,HALDER,R.Data-Centric Refinement of Information Flow Analysis of Database Applications[C]∥Proceedings of the Third International Symposium on Security in Computing and Communications.Kochi,Springer International Publishing,2015:506-518. [9]GOGUEN J A,MESEGUER J.Security policies and security models[C]∥Proceedings of IEEE Symposium on Security and Privacy.Oakland:IEEE,1982:11-20. [10]COHEN E.Information transmission in computational systems[J].ACM SIGOPS Operating Systems Review,1977,11(5):133-139. [11]SABELFELD A,SANDS D.A per model of secure information flow in sequential programs[J].Higher-order and Symbolic Computation,2001,14(1):59-91. [12]SABELFELD A,MYERS A.A Model for Delimited Information Release[M]∥Software Security-Theories and Systems.Springer Berlin Heidelberg,2004:174-191. [13]LUX A,MANTEL H.Declassification with explicit reference points[C]∥14th European Conference on Research in Compu-ter Security.Saint-Malo:Springer-Verlag,2009:21-23. [14]ADETOYE A,BADII A.A Policy Model for Secure Information Flow[M]∥Foundations and Applications of Security Analysis.Springer-Verlay,2009:1-17. [15]MICINSKI K,FETTER-DEGGES J,JEON J,et al.Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution[C]∥Proceedings of the 20th European Symposium on Research in Computer Security.Vienna:Springer International Publishing,2015:520-538. [16]GREINER S,GRAHL D.Non-interference with What-Declassification in Component-Based Systems[C]∥Proceedings of the 2016 IEEE 29th Computer Security Foundations Symposium (CSF).Lisbon:IEEE,2016:253-267. [17]HAIGH J T,KEMMERER RA,MCHUGH J,et al.An experience using two covert channel analysis techniques on a real system design [C]∥1986 IEEE Symposium on Security and Privacy.IEEE,1987:14. [18]RUSHBY J.Noninterference,transitivity,and channel-control security policies:CSL-92-02[R].Menlo Park:SRI International Computer Science Laboratory,1992. [19]BALDAN P,BEGGIATO A.Multilevel Transitive and Intransitive Non-interference,Causally[C]∥Proceedings of the 18th IFIP WG 6.1 International Conference.Greece:Springer International Publishing,2016:1-17. [20]EGGERT S,VAN DER MEYDEN R.Dynamic intransitive Noninterference revisited[M]∥Formal Aspects of Computing,2017,29(4):1-34. [21]MANTEL H,SANDS D.Controlled declassification based on intransitive noninterference [M]∥Programming Languages and Systems.Springer Berlin Heidelberg,2004:129-145. [22]HICKS B,KING D,MCDANIEL P,et al.Information release:high-level policy for a security-typed language [C]∥Procee-dings of the 2006 Workshop on Programming Languages and Analysis for Security.Ottawa:ACM Computer Society Press,2006:65-74. [23]ASKAROV A,SABELFELD A.Gradual Release:Unifying Declassification,Encryption and Key Release Policies[C]∥Proceedings of IEEE Symposium on Security and Privacy.Berkeley,CA:IEEE Computer Society Press,2007:207-221. [24]BROBERG N,SANDS D.Flow locks:Towards a core calculus for dynamic flow policies[M]∥Programming Languages and Systems.Springer Berlin Heidelber,2006:180-196. [25]MYERS A C,LISKOV B.Protecting privacy using the decentralized label model [J].ACM Transactions on Software Engineering and Methodology (TOSEM),2000,9(4):410-442. [26]KOZYRI E,ARDEN O,AC MYERS.JRIF:Reactive Information Flow Control for Java[EB/OL].(2016-02-12)[2017-8-21].https://ecommons.cornell.edu/handle/1813/41194. [27]ZDANCEWIC S,MYERS A C.Robust declassification[C]∥Proceedings of IEEE Computer Security Foundations Workshop.Cape Breton:IEEEComputer Society Press,2001:15-23. [28]MYERS A C,SABELFELD A,ZDANCEWIC S.Enforcing robust declassification and qualified robustness[J].Journal of Computer Security,2006,14(2):157-196. [29]ASKAROV A,MYERS A.A semantic framework for declassification and endorsement[C]∥European Conference on Programming Languages and Systems.Springer-Verlag,2010:64-84. [30]ASKAROV A,MYERS A.Attacker control and impact for confidentiality and integrity[J].Logical Methods in Computer Science,2011,7(3):563-572. [31]VOLPANO D,SMITH G.Verifying secrets and relative secrecy [C]∥Proceedings of 27th ACM SIGPLAN-SIGACTSympo-sium on Principles of Programming Languages.Boston,MA:ACM Computer Society Press,2000:268-276. [32]VOLPANO D.Secure introduction of one-way functions[C]∥Proceedings of 13th IEEE Computer Security Foundations Workshop.Cambridge:IEEE Computer Society Press,2000:246-254. [33]CHONG S,MYERS A C.Security policies for downgrading [C]∥ 11th ACM Conference on Computer and Communications Securi-ty.Washington DC:ACM Computer Society Press,2004:198-209. [34]YAO J,TANG Y.Security Downgrading Policies for Competi- tive Bidding System[M]∥Software Engineering and Knowledge Engineering:Theory and Practice.Springer Berlin Heidelberg,2012:587-95. [35]吴泽智,陈性元,杨智,等.信息流控制研究进展[J].软件学报,2017,28(1):135-159. [36]孙聪,唐礼勇,陈钟.基于下推系统可达性分析的程序机密消去机制[J].软件学报,2012,23(8):2149-2162. [37]孙聪,唐礼勇,陈钟.基于下推系统可达性分析的输出信道信息流检测[J].计算机科学,2011,38(7):103-107. [38]MICINSKI K,FETTER-DEGGES J,JEON J,et al.Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution[C]∥Proceedings of 20th European Symposium on Research in Computer Security.Vienna:springer International Publishing,2015:520-538. [39]SABELFELD A,RUSSO A.From dynamic to static and back:Riding the roller coaster of information-flow control research [M]∥Perspectives of Systems Informatics.Springer Berlin Heidelberg,2010,5947:352-365. [40]SHROFF P,SMITH S,THOBER M.Dynamic Dependency Monitoring to Secure Information Flow[C]∥Proceedings of the 20th IEEE Symposiumon Computer Security Foundations.Veni-ce:IEEEComputer Society Press,2007:203-217. [41]RUSSO A,SABELFELD A.Securing timeout instructions in web applications[C]∥Proceedings of the 22nd IEEE Sympo-sium on ComputerSecurity Foundations.Port Jefferson:IEEE Computer Society Press,2009:92-106. [42]金丽,朱浩.基于自动机监控的二维降密策略[J].计算机科学,2015,42(7):194-199. [43]ASKAROV A,SABELFELD A.Tight enforcement of information-release policies for dynamic languages[C]∥Proceedings of the 25nd IEEE Symposium on ComputerSecurity Foundations.Port Jefferson:IEEE Computer Society Press,2012:43-59. [44]SRIDHAR M,HAMLEN K W.Flexible in-lined reference monitor certification:challenges and future directions[C]∥Procee-dings of the 5th ACM Workshop on Programming Languages Meets Program Verification.Austin,Texas:ACM,2011:55-60. [45]朱浩,陈建平,金丽.二维降密策略的内联引用监控方法[J].计算机科学,2016,43(11A):352-354. [46]BOLO I,GARG D.Asymmetric Secure Multi-execution with Declassification[C]∥Proceedings of the 5th International Conference on Principles of Security and Trust.Netherlands:Springer-Verlag New York,2016:24-45. [47]VANHOEF M,GROEF W D,DEVRIESE D,et al.Stateful Declassification Policies for Event-Driven Programs[C]∥Procee-dings of the 2014 IEEE 27th Computer Security Foundations Symposium.Vienna:IEEE Computer Society,2014:293-307. [48]ASKAROV A,SABELFELD A.Localized delimited release: Combining the what andwhere dimensions of information release[C]∥Proceedings of the 2007 Workshop on Programming Languages and Analysis for Security.San Diego:ACM,2007:53-60. [49]MAGAZINIUS J,ASKAROV A,SABELFELD A.Decentra- lized delimited release[C]∥Proceedings of the 9th Asian Conference on Programming Languages and Systems.Kenting,Taiwan:Springer-Verlag,2011:220-237. [50]姜励,陈健,平玲娣,等.多线程程序的信息抹除和降密安全策略[J].浙江大学学报(工学版),2010,44(5):854-862. [51]金丽,朱浩.多线程环境中的二维降密策略[J].计算机科学,2015,42(12):243-246,282. [52]VAN DER MEYDEN R.Architectural refinement and notions of intransitive noninterference [J].Formal Aspects of Computing,2012,24(4):769-792. |
[1] | ZHANG Xiao-yan, LI Qin-wei, FU Fu-jie. Secret Verification Method of Blockchain Transaction Amount Based on Digital Commitment [J]. Computer Science, 2021, 48(9): 324-329. |
[2] | WANG Xue-jian, ZHAO Guo-lei, CHANG Chao-wen, WANG Rui-yun. Illegal Flow Analysis for Lattice Model of Information Flow [J]. Computer Science, 2019, 46(2): 139-144. |
[3] | DU Yuan-zhi, DU Xue-hui and YANG Zhi. Mixed Flow Policy Based On-demand Distributed Cloud Information Flow Control Model [J]. Computer Science, 2017, 44(10): 150-158. |
[4] | WEI Zhen-yu, LU Xiang and SHI Ting-jun. Cross-domain PKI-based Key Agreement Protocol [J]. Computer Science, 2017, 44(1): 155-158. |
[5] | ZHU Hao, CHEN Jian-ping and JIN Li. In-lined Reference Monitor Method of Two-dimension Information Release Policy [J]. Computer Science, 2016, 43(Z11): 352-354. |
[6] | CHEN Liang, ZENG Rong-ren, LI Feng and YANG Wei-ming. Trust Chain Transfer Model Based on Non-interference Theory [J]. Computer Science, 2016, 43(10): 141-144. |
[7] | JIN Li and ZHU Hao. Declassification Policy Based on Automaton Monitoring [J]. Computer Science, 2015, 42(7): 194-199. |
[8] | YU Zhi-min, JING Zheng-jun and GU Chun-sheng. Ring Signcryption Broadcasting Scheme Based on Multilinear Maps [J]. Computer Science, 2015, 42(3): 106-110. |
[9] | SHAO Jing, CHEN Zuo-ning, YIN Hong-wu and XU Guo-chun. Design and Implementation of Information Flow Control Framework for PaaS [J]. Computer Science, 2015, 42(12): 257-262. |
[10] | JIN Li and ZHU Hao. Two-dimension Declassification Policy in Multithreaded Environments [J]. Computer Science, 2015, 42(12): 243-246. |
[11] | FENG Gui-lan and TAN Liang. Data Assured Deletion Scheme Based on Trust Value for Cloud Storage [J]. Computer Science, 2014, 41(6): 108-112. |
[12] | LI Qin and YUAN Zhi-xiang. Permissive Type System for Internal Timing Information Flow in Multi-thread Programs [J]. Computer Science, 2014, 41(3): 163-168. |
[13] | ZHOU Cai-xue and WANG Fei-peng. Improved Certificateless Signcryption Scheme without Pairing [J]. Computer Science, 2013, 40(10): 139-143. |
[14] | . Declassification Policy Based on Content and Location Dimensions [J]. Computer Science, 2012, 39(8): 153-157. |
[15] | DENG Shu-hua,ZHAO Ze-mao. Secure and Reliable Centralized Multicast Key Management Scheme [J]. Computer Science, 2011, 38(Z10): 50-52. |
|