Browsing by Author "Moore, Scott David"

Now showing items 1-7 of 7

    • Exploring and Enforcing Application Security Guarantees vis Program Dependence 

      Johnson, Andrew; Waye, Lucas Reed; Moore, Scott David; Chong, Stephen N (2014)
      We present Pidgin, a program analysis and understanding tool that allows developers to explore the information flows that exist in programs and specify and enforce security policies that restrict these information flows. ...

    • Exploring and enforcing security guarantees via program dependence graphs 

      Johnson, Andrew Arthur; Wayne, Lucas; Moore, Scott David; Chong, Stephen N (ACM Press, 2015)
      We present PIDGIN, a program analysis and understanding tool that enables the specification and enforcement of precise application-specific information security guarantees. PIDGIN also allows developers to interactively ...

    • Extensible Access Control with Authorization Contracts 

      Scott Moore, Christos; Chong, Stephen N; Moore, Scott David; Dimoulas, Christos; Findler, Robert Bruce; Flatt, Matthew; Chong, Stephen N (2016-09-27)
      Existing programming language access control frameworks do not meet the needs of all software components.We propose an expressive framework for implementing access control monitors for components. The basis of the framework ...

    • Precise Enforcement of Progress-Sensitive Security 

      Moore, Scott David; Askarov, Aslan; Chong, Stephen N (ACM Press, 2012)
      Program progress (or termination) is a covert channel that may leak sensitive information. To control information leakage on this channel, semantic definitions of security should be progress sensitive and enforcement ...

    • SHILL: A Secure Shell Scripting Language 

      Moore, Scott David; Dimoulas, Christos; King, Daniel; Chong, Stephen N (USENIX Association, 2014)
      The Principle of Least Privilege suggests that software should be executed with no more authority than it requires to accomplish its task. Current security tools make it difficult to apply this principle: they either require ...

    • Software Contracts for Security 

      Moore, Scott David (2016-08-11)
      Component-based software engineering facilitates the design of complex systems by subdividing the programming task into separate components that interact via clearly defined interfaces. A component-based system is correct ...

    • Static Analysis for Efficient Hybrid Information-Flow Control 

      Moore, Scott David; Chong, Stephen N (IEEE Computer Society, 2011)
      Hybrid information-flow monitors use a combination of static analysis and dynamic mechanisms to provide precise strong information security guarantees. However, unlike purely static mechanisms for information security, ...