An Information Flow Monitor for a Core of DOM - Introducing References and Live Primitives
نویسندگان
چکیده
We propose and prove sound a novel, purely dynamic, flowsensitive monitor for securing information flow in an imperative language extended with DOM-like tree operations, that we call Core DOM. In Core DOM, as in the DOM API, tree nodes are treated as first-class values. We take advantage of this feature in order to implement an information flow control mechanism that is finer-grained than previous approaches in the literature. Furthermore, we extend Core DOM with additional constructs to model the behavior of live collections in the DOM Core Level 1 API. We show that this kind of construct effectively augments the observational power of an attacker and we modify the proposed monitor so as to tackle newly introduced forms of information leaks.
منابع مشابه
CPA on COLM Authenticated Cipher and the Protection Using Domain-Oriented Masking
Authenticated encryption schemes are important cryptographic primitives that received extensive attention recently. They can provide both confidentiality and authenticity services, simultaneously. Correlation power analysis (CPA) can be a thread for authenticated ciphers, similar to the any physical implementation of any other cryptographic scheme. In this paper, a three-step CPA attack against...
متن کاملLightweight 4x4 MDS Matrices for Hardware-Oriented Cryptographic Primitives
Linear diffusion layer is an important part of lightweight block ciphers and hash functions. This paper presents an efficient class of lightweight 4x4 MDS matrices such that the implementation cost of them and their corresponding inverses are equal. The main target of the paper is hardware oriented cryptographic primitives and the implementation cost is measured in terms of the required number ...
متن کاملCore Curriculum in Medical Education: Introducing Some Approaches
Introduction: Application of proper approaches as a logical framework for creating core curriculum prevents making additional information in curricula. This study aimed to introduce some useful approaches for determining core curriculum in medical science. Methods: This review study was done by electronic searching (PubMed, ERIC, Google Scholar) as well as manual searching (library resources)....
متن کاملInteraction of laminar natural convection and radiation in an inclined square cavity containing participating gases
Two-dimensional numerical study of flow and temperature fields for laminar natural convection and radiation in the inclined cavity is performed in the present work. The walls of the square cavity are assumed kept at constant temperatures. An absorbing, emitting, and scattering gray medium is enclosed by the opaque and diffusely emitting walls. The set of governing equations, including conservat...
متن کاملEnforcing secure information flow in client-side Web applications. (Vers l'établissement du flux d'information sûr dans les applications Web côté client)
During the last decade, Web applications have evolved from static pages presented by Web servers which centralised all computations to multi-tier applications in which computations are shared between the client and the server. In addition to this, current client-side Web applications often combine code dynamically loaded from different origins to create new functionalities. As it happens, this ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2014