    • Asynchronous Functional Reactive Programming for GUIs 

      Czaplicki, Evan; Chong, Stephen N (ACM Press, 2013)
      Graphical user interfaces (GUIs) mediate many of our interactions with computers. Functional Reactive Programming (FRP) is a promising approach to GUI design, providing high-level, declarative, compositional abstractions ...
    • Automatic Enforcement of Expressive Security Policies using Enclaves 

      Gollamudi, Anitha; Chong, Stephen N (2016-07-25)
      Hardware-based enclave protection mechanisms, such as Intel’s SGX, ARM’s TrustZone, and Apple’s Secure Enclave, can protect code and data from powerful low-level attackers. In this work, we use enclaves to enforce strong ...
    • Civitas: Toward a Secure Voting System 

      Clarkson, Michael R.; Chong, Stephen N; Myers, Andrew C. (Institute of Electrical and Electronics Engineers, 2008)
      Civitas is the first electronic voting system that is coercion-resistant, universally and voter verifiable, and suitable for remote voting. This paper describes the design and implementation of Civitas. Assurance is ...
    • Correct Audit Logging: Theory and Practice 

      Amir-Mohammadian, Sepehr; Chong, Stephen N; Skalka, Christian (Springer Berlin Heidelberg, 2016)
      Retrospective security has become increasingly important to the theory and practice of cyber security, with auditing a crucial component of it. However, in systems where auditing is used, programs are typically instrumented ...
    • Cryptographic Enforcement of Language-Based Information Erasure 

      Askarov, Aslan; Moore, Scott; Dimoulas, Christos; Chong, Stephen N (2015)
      Information erasure is a formal security requirement that stipulates when sensitive data must be removed from computer systems. In a system that correctly enforces erasure requirements, an attacker who observes the system ...
    • Deriving Epistemic Conclusions from Agent Architecture 

      Chong, Stephen N; van der Meyden, Ron (Association for Computing Machinery, 2009)
      One of our most resilient intuitions is that causality is a precondition for information flow: where there are no causal connections, we expect there to be no flow of information. In this paper, we study this idea as it ...
    • End-to-End Enforcement of Erasure and Declassification 

      Chong, Stephen N; Myers, Andrew C. (Institute of Electrical and Electronics Engineers Computer Society, 2008)
      Declassification occurs when the confidentiality of information is weakened; erasure occurs when the confidentiality of information is strengthened, perhaps to the point of completely removing the information from the ...
    • Exploring and Enforcing Application Security Guarantees via Program Dependence Graphs 

      Johnson, Andrew; Waye, Lucas Reed; Moore, Scott; Chong, Stephen N (2014)
      We present Pidgin, a program analysis and understanding tool that allows developers to explore the information flows that exist in programs and specify and enforce security policies that restrict these information flows. ...
    • Exploring and Enforcing Application Security Guarantees via Program Dependence 

      Johnson, Andrew; Waye, Lucas Reed; Moore, Scott David; Chong, Stephen N (2014)
      We present Pidgin, a program analysis and understanding tool that allows developers to explore the information flows that exist in programs and specify and enforce security policies that restrict these information flows. ...
    • Exploring and enforcing security guarantees via program dependence graphs 

      Johnson, Andrew Arthur; Wayne, Lucas; Moore, Scott David; Chong, Stephen N (ACM Press, 2015)
      We present PIDGIN, a program analysis and understanding tool that enables the specification and enforcement of precise application-specific information security guarantees. PIDGIN also allows developers to interactively ...
    • Extensible Access Control with Authorization Contracts 

      Scott Moore, Christos; Chong, Stephen N; Moore, Scott David; Dimoulas, Christos; Findler, Robert Bruce; Flatt, Matthew; Chong, Stephen N (2016-09-27)
      Existing programming language access control frameworks do not meet the needs of all software components. We propose an expressive framework for implementing access control monitors for components. The basis of the framework ...
    • Global and Local Monitors to Enforce Noninterference in Concurrent Programs 

      Askarov, Aslan; Chong, Stephen N; Mantel, Heiko (2015)
      Controlling confidential information in concurrent systems is difficult, due to covert channels resulting from interaction between threads. This problem is exacerbated if threads share resources at fine granularity. In ...
    • Higher-order Behavioral Contracts for Distributed Components 

      Waye, Lucas Reed; Dimoulas, Christos; Chong, Stephen N (2015)
      Inspired by the Design by Contract paradigm, we introduce CONSUL, a contract system for distributed components. CONSUL monitors distributed components at run time with higher-order behavioral contracts. Contract monitoring ...
    • Hybrid Monitors for Concurrent Noninterference 

      Askarov, Aslan; Chong, Stephen N; Mantel, Heiko (2015)
      Controlling confidential information in concurrent systems is difficult, due to covert channels resulting from interaction between threads. This problem is exacerbated if threads share resources at fine granularity. In ...
    • Inference of Expressive Declassification Policies 

      Vaughan, Jeffrey A.; Chong, Stephen N (IEEE Computer Society, 2011)
      We explore the inference of expressive human-readable declassification policies as a step towards providing practical tools and techniques for strong language-based information security. Security-type systems can enforce ...
    • It’s My Privilege: Controlling Downgrading in DC-Labels 

      Waye, Lucas Reed; Buiras, Pablo; King, Dan; Chong, Stephen N; Russo, Alejandro (Springer Science + Business Media, 2015)
      Disjunction Category Labels (DC-labels) are an expressive label format used to classify the sensitivity of data in information-flow control systems. DC-labels use capability-like privileges to downgrade information. ...
    • Learning is Change in Knowledge: Knowledge-based Security for Dynamic Policies 

      Askarov, Aslan; Chong, Stephen N (2012)
      In systems that handle confidential information, the security policy to enforce on information frequently changes: new users join the system, old users leave, and sensitivity of data changes over time. It is challenging, ...
    • A More Precise Security Type System for Dynamic Security Tests 

      Malecha, Gregory Michael; Chong, Stephen N (2010)
      The move toward publicly available services that store private information has increased the importance of tracking information flow in applications. For example, network systems that store credit-card transactions and ...
    • Precise Enforcement of Progress-Sensitive Security 

      Moore, Scott David; Askarov, Aslan; Chong, Stephen N (ACM Press, 2012)
      Program progress (or termination) is a covert channel that may leak sensitive information. To control information leakage on this channel, semantic definitions of security should be progress sensitive and enforcement ...
    • Precise Scalable Static Analysis for Application-Specific Security Guarantees 

      Johnson, Andrew Arthur (2015-08-27)
      This dissertation presents Pidgin, a static program analysis and understanding tool that enables the specification and enforcement of precise application-specific information security guarantees. Pidgin also allows developers ...