Alejandro Russo

Homepage
russoatchalmers.se

Bibliometrics: publication history
Average citations per article: 10.57
Citation Count: 391
Publication count: 37
Publication years: 2006-2017
Available for download: 13
Average downloads per article: 189.46
Downloads (cumulative): 2,463
Downloads (12 Months): 400
Downloads (6 Weeks): 49

37 results found

Result 1 – 20 of 37

1 published by ACM
October 2017 PLAS '17: Proceedings of the 2017 Workshop on Programming Languages and Analysis for Security
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 4,   Downloads (12 Months): 12,   Downloads (Overall): 12

Full text available: PDF
The seminal work on the Dependency Core Calculus (DCC) shows how monads not only can be used for embedding effects in purely functional languages but also to statically track data dependencies. Such types of analysis have applications in research areas like security, partial evaluation, and slicing, where DCC plays the ...
Keywords: dependency core calculus, haskell, information-flow control

2 published by ACM
October 2017 CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 16,   Downloads (12 Months): 68,   Downloads (Overall): 68

Full text available: PDF
We present Clio, an information flow control (IFC) system that transparently incorporates cryptography to enforce confidentiality and integrity policies on untrusted storage. Clio insulates developers from explicitly manipulating keys and cryptographic primitives by leveraging the policy language of the IFC system to automatically use the appropriate keys and correct cryptographic ...
Keywords: cryptography, information-flow control

3 published by ACM
October 2016 PLAS '16: Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 4,   Downloads (12 Months): 36,   Downloads (Overall): 63

Full text available: PDF
Many state-of-the-art IFC libraries support a variety of advanced features like mutable data structures, exceptions, and concurrency, whose subtle interaction makes verification of security guarantees challenging. In this paper, we present a full-fledged, mechanically-verified model of MAC, a statically enforced IFC library. We describe three main insights gained during the formalization ...
Keywords: haskell, non-interference, agda

4
September 2015 STM 2015: Proceedings of the 11th International Workshop on Security and Trust Management - Volume 9331
Publisher: Springer-Verlag New York, Inc.
Bibliometrics:
Citation Count: 0

Disjunction Category Labels (DC-labels) are an expressive label format used to classify the sensitivity of data in information-flow control systems. DC-labels use capability-like privileges to downgrade information. Inappropriate use of privileges can compromise security, but DC-labels provide no mechanism to ensure appropriate use. We extend DC-labels with the novel notions ...

5 published by ACM
August 2015 ICFP 2015: Proceedings of the 20th ACM SIGPLAN International Conference on Functional Programming
Publisher: ACM
Bibliometrics:
Citation Count: 6
Downloads (6 Weeks): 0,   Downloads (12 Months): 33,   Downloads (Overall): 144

Full text available: PDF
Information-Flow Control (IFC) is a well-established approach for allowing untrusted code to manipulate sensitive data without disclosing it. IFC is typically enforced via type systems and static analyses or via dynamic execution monitors. The LIO Haskell library, originating in operating systems research, implements a purely dynamic monitor of the sensitivity ...
Keywords: Information-flow control, dynamic typing, hybrid typing, constraint kinds, data kinds, gradual typing, singleton types
Also published in:
December 2015  ACM SIGPLAN Notices - ICFP '15: Volume 50 Issue 9, September 2015

6 published by ACM
August 2015 ICFP 2015: Proceedings of the 20th ACM SIGPLAN International Conference on Functional Programming
Publisher: ACM
Bibliometrics:
Citation Count: 2
Downloads (6 Weeks): 1,   Downloads (12 Months): 35,   Downloads (Overall): 177

Full text available: PDF
For several decades, researchers from different communities have independently focused on protecting confidentiality of data. Two distinct technologies have emerged for such purposes: Mandatory Access Control (MAC) and Information-Flow Control (IFC)—the former belonging to operating systems (OS) research, while the latter to the programming languages community. These approaches restrict how ...
Keywords: library, information-flow control, mandatory access control, security
Also published in:
December 2015  ACM SIGPLAN Notices - ICFP '15: Volume 50 Issue 9, September 2015

7
May 2015 HOTOS'15: Proceedings of the 15th USENIX conference on Hot Topics in Operating Systems
Publisher: USENIX Association
Bibliometrics:
Citation Count: 4

Browser extensions are ubiquitous. Yet, in today's browsers, extensions are the most dangerous code to user privacy. Extensions are third-party code, like web applications, but run with elevated privileges. Even worse, existing browser extension systems give users a false sense of security by considering extensions to be more trustworthy than ...

8
April 2015 Proceedings of the 4th International Conference on Principles of Security and Trust - Volume 9036
Publisher: Springer-Verlag New York, Inc.
Bibliometrics:
Citation Count: 1

Many important security problems in JavaScript, such as browser extension security, untrusted JavaScript libraries and safe integration of mutually distrustful websites (mash-ups), may be effectively addressed using an efficient implementation of information flow control (IFC). Unfortunately existing fine-grained approaches to JavaScript IFC require modifications to the language semantics and its ...

9
October 2014 OSDI'14: Proceedings of the 11th USENIX conference on Operating Systems Design and Implementation
Publisher: USENIX Association
Bibliometrics:
Citation Count: 13

Modern web applications are conglomerations of JavaScript written by multiple authors: application developers routinely incorporate code from third-party libraries, and mashup applications synthesize data and code hosted at different sites. In current browsers, a web application's developer and user must trust third-party code in libraries not to leak the user's ...

10 published by ACM
September 2014 Haskell '14: Proceedings of the 2014 ACM SIGPLAN symposium on Haskell
Publisher: ACM
Bibliometrics:
Citation Count: 0
Downloads (6 Weeks): 2,   Downloads (12 Months): 19,   Downloads (Overall): 71

Full text available: PDF
LIO is a decentralized information flow control (DIFC) system, implemented in Haskell. In this demo proposal, we give an overview of the LIO library and show how LIO can be used to build secure systems. In particular, we show how to specify high-level security policies in the context of web ...
Keywords: hails, security, web application, dclabels, lio, decentralized information flow control
Also published in:
May 2015  ACM SIGPLAN Notices - Haskell '14: Volume 49 Issue 12, December 2014

11
July 2014 CSF '14: Proceedings of the 2014 IEEE 27th Computer Security Foundations Symposium
Publisher: IEEE Computer Society
Bibliometrics:
Citation Count: 2

Flow-sensitive analysis for information-flow control (IFC) allows data structures to have mutable security labels, i.e., labels that can change over the course of the computation. This feature is often used to boost the permissiveness of the IFC monitor, by rejecting fewer programs, and to reduce the burden of explicit label ...
Keywords: Flow-sensitivity analysis, dynamic monitors, concurrency, floating-label systems, Haskell

12
February 2014 ESSoS 2014: Proceedings of the 6th International Symposium on Engineering Secure Software and Systems - Volume 8364
Publisher: Springer-Verlag New York, Inc.
Bibliometrics:
Citation Count: 0

This paper is about ensuring security in unreliable systems. We study systems which are subject to transient faults — soft errors that cause stored values to be corrupted. The classic problem of fault tolerance is to modify a system so that it works despite a limited number of faults. We ...

13
October 2013 NordSec 2013: Proceedings of the 18th Nordic Conference on Secure IT Systems - Volume 8208
Publisher: Springer-Verlag New York, Inc.
Bibliometrics:
Citation Count: 0

To preserve confidentiality, information-flow control (IFC) restricts how untrusted code handles secret data. While promising, IFC systems are not perfect; they can still leak sensitive information via covert channels. In this work, we describe a novel exploit of lazy evaluation to reveal secrets in IFC systems. Specifically, we show that ...

14
August 2013 TGC 2013: 8th International Symposium on Trustworthy Global Computing - Volume 8358
Publisher: Springer-Verlag New York, Inc.
Bibliometrics:
Citation Count: 0

Information-flow control (IFC) is a security mechanism conceived to allow untrusted code to manipulate sensitive data without compromising confidentiality. Unfortunately, untrusted code might exploit some covert channels in order to reveal information. In this paper, we focus on the LIO concurrent IFC system. By leveraging the effects of hardware caches ...

15
October 2012 OSDI'12: Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Publisher: USENIX Association
Bibliometrics:
Citation Count: 31

Modern extensible web platforms like Facebook and Yammer depend on third-party software to offer a rich experience to their users. Unfortunately, users running a third-party "app" have little control over what it does with their private data. Today's platforms offer only ad-hoc constraints on app behavior, leaving users an unfortunate ...

16
October 2012 Computers and Security: Volume 31 Issue 7, October, 2012
Publisher: Elsevier Advanced Technology Publications
Bibliometrics:
Citation Count: 1

How do we guarantee that a piece of code, possibly originating from third party, does not jeopardize the security of the underlying application? Language-based information-flow security considers programs that manipulate pieces of data at different sensitivity levels. Securing information flow in such programs remains an open challenge. Recently, considerable progress ...
Keywords: Information flow, Inlining, Language-based security, Non-interference, Reference monitors

17 published by ACM
September 2012 ICFP '12: Proceedings of the 17th ACM SIGPLAN international conference on Functional programming
Publisher: ACM
Bibliometrics:
Citation Count: 16
Downloads (6 Weeks): 5,   Downloads (12 Months): 35,   Downloads (Overall): 299

Full text available: PDF
When termination of a program is observable by an adversary, confidential information may be leaked by terminating accordingly. While this termination covert channel has limited bandwidth for sequential programs, it is a more dangerous source of information leakage in concurrent settings. We address concurrent termination and timing channels by presenting ...
Keywords: monad, covert channels, library
Also published in:
October 2012  ACM SIGPLAN Notices - ICFP '12: Volume 47 Issue 9, September 2012

18 published by ACM
June 2012 PLAS '12: Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Publisher: ACM
Bibliometrics:
Citation Count: 2
Downloads (6 Weeks): 8,   Downloads (12 Months): 22,   Downloads (Overall): 298

Full text available: PDF
Cloud computing is generally understood as the distribution of data and computations over the Internet. Over the past years, there has been a steep increase in web sites using this technology. Unfortunately, those web sites are not exempted from injection flaws and cross-site scripting, two of the most common security ...
Keywords: library, web applications, Python, cloud computing, taint analysis

19
October 2011 NordSec'11: Proceedings of the 16th Nordic conference on Information Security Technology for Applications
Publisher: Springer-Verlag
Bibliometrics:
Citation Count: 9

We present disjunction category (DC) labels, a new label format for enforcing information flow in the presence of mutually distrusting parties. DC labels can be ordered to form a lattice, based on propositional logic implication and conjunctive normal form. We introduce and prove soundness of decentralized privileges that are used ...
Keywords: decentralized information flow control, labels, logic, security

20 published by ACM
September 2011 Haskell '11: Proceedings of the 4th ACM symposium on Haskell
Publisher: ACM
Bibliometrics:
Citation Count: 34
Downloads (6 Weeks): 2,   Downloads (12 Months): 34,   Downloads (Overall): 246

Full text available: PDF
We describe a new, dynamic, floating-label approach to language-based information flow control, and present an implementation in Haskell. A labeled IO monad, LIO, keeps track of a current label and permits restricted access to IO functionality, while ensuring that the current label exceeds the labels of all data observed and ...
Keywords: library, information flow control, monad
Also published in:
January 2012  ACM SIGPLAN Notices - Haskell '11: Volume 46 Issue 12, December 2011



The ACM Digital Library is published by the Association for Computing Machinery. Copyright © 2018 ACM, Inc.