103,715 research outputs found
Declassification of Faceted Values in JavaScript
This research addresses the issues with protecting sensitive information at the language level using information flow control mechanisms (IFC). Most of the IFC mechanisms face the challenge of releasing sensitive information in a restricted or limited manner. This research uses faceted values, an IFC mechanism that has shown promising flexibility for downgrading the confidential information in a secure manner, also called declassification.
In this project, we introduce the concept of first-class labels to simplify the declassification of faceted values. To validate the utility of our approach we show how the combination of faceted values and first-class labels can build various declassification mechanisms
Joint Wireless Information and Energy Transfer with Reduced Feedback in MIMO Interference Channels
To determine the transmission strategy for joint wireless information and
energy transfer (JWIET) in the MIMO interference channel (IFC), the information
access point (IAP) and energy access point (EAP) require the channel state
information (CSI) of their associated links to both the information-decoding
(ID) mobile stations (MSs) and energy-harvesting (EH) MSs (so-called local
CSI). In this paper, to reduce th e feedback overhead of MSs for the JWIET in
two-user MIMO IFC, we propose a Geodesic energy beamforming scheme that
requires partial CSI at the EAP. Furthermore, in the two-user MIMO IFC, it is
proved that the Geodesic energy beamforming is the optimal strategy. By adding
a rank-one constraint on the transmit signal covariance of IAP, we can further
reduce the feedback overhead to IAP by exploiting Geodesic information
beamforming. Under the rank-one constraint of IAP's transmit signal, we prove
that Geodesic information/energy beamforming approach is the optimal strategy
for JWIET in the two-user MIMO IFC. We also discuss the extension of the
proposed rank-one Geodesic information/energy beamforming strategies to general
K-user MIMO IFC. Finally, by analyzing the achievable rate-energy performance
statistically under imperfect partial CSIT, we propose an adaptive bit
allocation strategy for both EH MS and ID MS.Comment: accepted to IEEE Journal of Selected Areas in Communications (IEEE
JSAC), Special Issue on Wireless Communications Powered by Energy Harvesting
and Wireless Energy Transfe
Information Flow Control in WebKit's JavaScript Bytecode
Websites today routinely combine JavaScript from multiple sources, both
trusted and untrusted. Hence, JavaScript security is of paramount importance. A
specific interesting problem is information flow control (IFC) for JavaScript.
In this paper, we develop, formalize and implement a dynamic IFC mechanism for
the JavaScript engine of a production Web browser (specifically, Safari's
WebKit engine). Our IFC mechanism works at the level of JavaScript bytecode and
hence leverages years of industrial effort on optimizing both the source to
bytecode compiler and the bytecode interpreter. We track both explicit and
implicit flows and observe only moderate overhead. Working with bytecode
results in new challenges including the extensive use of unstructured control
flow in bytecode (which complicates lowering of program context taints),
unstructured exceptions (which complicate the matter further) and the need to
make IFC analysis permissive. We explain how we address these challenges,
formally model the JavaScript bytecode semantics and our instrumentation, prove
the standard property of termination-insensitive non-interference, and present
experimental results on an optimized prototype
Dynamic IFC Theorems for Free!
We show that noninterference and transparency, the key soundness theorems for
dynamic IFC libraries, can be obtained "for free", as direct consequences of
the more general parametricity theorem of type abstraction. This allows us to
give very short soundness proofs for dynamic IFC libraries such as faceted
values and LIO. Our proofs stay short even when fully mechanized for Agda
implementations of the libraries in terms of type abstraction.Comment: CSF 2021 final versio
- …