Christian Hammer scite author profile

Information flow control (IFC) checks whether a program can leak secret data to public ports, or whether critical computations can be influenced from outside. But many IFC analyses are imprecise, as they are flow-insensitive, context-insensitive, or object-insensitive; resulting in false alarms. We argue that IFC must better exploit modern program analysis technology, and present an approach based on program dependence graphs (PDG). PDGs have been developed over the last 20 years as a standard device to represent information flow in a program, and today can handle realistic programs. In particular, our dependence graph generator for full Java bytecode is used as the basis for an IFC implementation which is more precise and needs less annotations than traditional approaches. We explain PDGs for sequential and multi-threaded programs, and explain precision gains due to flow-, context-, and object-sensitivity. We then augment PDGs with a lattice of security levels and introduce the flow equations for IFC. We describe algorithms for flow computation in detail and prove their correctness. We then extend flow equations to handle declassification, and prove that our algorithm respects monotonicity of release. Finally, examples demonstrate that our implementation can check realistic sequential programs in full Java bytecode.

show abstract

Dynamic detection of atomic-set-serializability violations

Hammer

Dolby

Vaziri

et al. 2008

115

View full text Add to dashboard Cite

Previously we presented atomic sets, memory locations that share some consistency property, and units of work, code fragments that preserve consistency of atomic sets on which they are declared. We also proposed atomic-set serializability as a correctness criterion for concurrent programs, stating that units of work must be serializable for each atomic set. We showed that a set of problematic data access patterns characterize executions that are not atomic-set serializable. Our criterion subsumes data races (single-location atomic sets) and serializability (all locations in one set).In this paper, we present a dynamic analysis for detecting violations of atomic-set serializability. The analysis can be implemented efficiently, and does not depend on any specific synchronization mechanism. We implemented the analysis and evaluated it on a suite of real programs and benchmarks. We found a number of known errors as well as several problems not previously reported.

show abstract

Information Flow Control in WebKit’s JavaScript Bytecode

Bichhawat

Rajani

Garg

et al. 2014

View full text Add to dashboard Cite

Abstract. Websites today routinely combine JavaScript from multiple sources, both trusted and untrusted. Hence, JavaScript security is of paramount importance. A specific interesting problem is information flow control (IFC) for JavaScript. In this paper, we develop, formalize and implement a dynamic IFC mechanism for the JavaScript engine of a production Web browser (specifically, Safari's WebKit engine). Our IFC mechanism works at the level of JavaScript bytecode and hence leverages years of industrial effort on optimizing both the source to bytecode compiler and the bytecode interpreter. We track both explicit and implicit flows and observe only moderate overhead. Working with bytecode results in new challenges including the extensive use of unstructured control flow in bytecode (which complicates lowering of program context taints), unstructured exceptions (which complicate the matter further) and the need to make IFC analysis permissive. We explain how we address these challenges, formally model the JavaScript bytecode semantics and our instrumentation, prove the standard property of terminationinsensitive non-interference, and present experimental results on an optimized prototype.

show abstract

AppGuard – Enforcing User Requirements on Android Apps

et al. 2013

View full text Add to dashboard Cite

Evaluation of Lamina Cribrosa and Peripapillary Sclera Stiffness in Pseudoexfoliation and Normal Eyes by Atomic Force Microscopy

Braunsmann¹,

Hammer

Rheinlaender³

et al. 2012

Invest. Ophthalmol. Vis. Sci.

102

View full text Add to dashboard Cite

show abstract

LOXL1 Deficiency in the Lamina Cribrosa as Candidate Susceptibility Factor for a Pseudoexfoliation-Specific Risk of Glaucoma

et al. 2012

View full text Add to dashboard Cite

Distribution of Young's Modulus in Porcine Corneas after Riboflavin/UVA-Induced Collagen Cross-Linking as Measured by Atomic Force Microscopy

et al. 2014

View full text Add to dashboard Cite

Riboflavin/UVA-induced corneal collagen cross-linking has become an effective clinical application to treat keratoconus and other ectatic disorders of the cornea. Its beneficial effects are attributed to a marked stiffening of the unphysiologically weak stroma. Previous studies located the stiffening effect predominantly within the anterior cornea. In this study, we present an atomic force microscopy-derived analysis of the depth-dependent distribution of the Young's modulus with a depth resolution of 5 µm in 8 cross-linked porcine corneas and 8 contralateral controls. Sagittal cryosections were fabricated from every specimen and subjected to force mapping. The mean stromal depth of the zone with effective cross-linking was found to be 219±67 µm. Within this cross-linked zone, the mean Young's modulus declined from 49±18 kPa at the corneal surface to 46±17 kPa, 33±11 kPa, 17±5 kPa, 10±4 kPa and 10±4 kPa at stromal depth intervals of 0–50 µm, 50–100 µm, 100–150 µm, 150–200 µm and 200–250 µm, respectively. This corresponded to a stiffening by a factor of 8.1 (corneal surface), 7.6 (0–50 µm), 5.4 (50–100 µm), 3.0 (100–150 µm), 1.6 (150–200 µm), and 1.5 (200–250 µm), when compared to the Young's modulus of the posterior 100 µm. The mean Young's modulus within the cross-linked zone was 20±8 kPa (2.9-fold stiffening), while it was 11±4 kPa (1.7-fold stiffening) for the entire stroma. Both values were significantly distinct from the mean Young's modulus obtained from the posterior 100 µm of the cross-linked corneas and from the contralateral controls. In conclusion, we were able to specify the depth-dependent distribution of the stiffening effect elicited by standard collagen cross-linking in porcine corneas. Apart from determining the depth of the zone with effective corneal cross-linking, we also developed a method that allows for atomic force microscopy-based measurements of gradients of Young's modulus in soft tissues in general.

show abstract

Impact of Comorbidities and Smoking on the Outcome in Aneurysmal Subarachnoid Hemorrhage

Hammer

Steiner

Ranaie

et al. 2018

Sci Rep

View full text Add to dashboard Cite

The intention of this observational study is to show the significant impact of comorbidities and smoking on the outcome in aneurysmal subarachnoid hemorrhage (SAH). During this observational study 203 cases of treatment of ruptured intracranial aneurysms were analyzed. We examined and classified prospectively the 12 month outcome according to the modified Rankin Scale (mRS) considering retrospectively a history of smoking and investigated prospectively the occurrence of early and delayed cerebral ischemia between 2012 and 2017. Using logistic regression methods, we revealed smoking (odds ratio 0.21; p = 0.0031) and hypertension (odds ratio 0.18; p = 0.0019) to be predictors for a good clinical outcome (mRS 0–2). Age (odds ratio 1.05; p = 0.0092), WFNS Grade (odds ratio 6.28; p < 0.0001), early cerebral ischemia (ECI) (odds ratio 10.06; p < 0.00032) and delayed cerebral ischemia (DCI) (odds ratio 4.03; p = 0.017) were detected as predictors for a poor clinical outcome. Significant associations of occurrence of death with hypertension (odds ratio 0.12; p < 0.0001), smoking (odds ratio 0.31; p = 0.048), WFNS grade (odds ratio 3.23; p < 0.0001) and age (odds ratio 1.09; p < 0.0001), but not with ECI (p = 0.29) and DCI (p = 0.62) were found. Smoking and hypertension seem to be predictors for a good clinical outcome after aneurysmal SAH.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.