Towards practical information flow control and audit

[1]  K. J. Bma Integrity considerations for secure computer systems , 1977 .

[2]  Bei Yu,et al.  TaintTrace: Efficient Flow Tracing with Dynamic Binary Rewriting , 2006, 11th IEEE Symposium on Computers and Communications (ISCC'06).

[3]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[4]  Thomas Moyer,et al.  Take Only What You Need: Leveraging Mandatory Access Control Policy to Reduce Provenance Storage Costs , 2015, TaPP.

[5]  David Lie,et al.  Auditing cloud management using information flow tracking , 2012, STC '12.

[6]  Andrew S. Tanenbaum,et al.  A Virtual Machine Based Information Flow Control System for Policy Enforcement , 2008, Electron. Notes Theor. Comput. Sci..

[7]  Andy Hopper,et al.  MrLazy: Lazy Runtime Label Propagation for MapReduce , 2014, HotCloud.

[8]  Siani Pearson,et al.  Towards accountable management of identity and privacy: sticky policies and enforceable tracing services , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[9]  Shrinath,et al.  Information Flow Control for Secure Cloud Computing , 2016 .

[10]  Val Tannen,et al.  Provenance semirings , 2007, PODS.

[11]  William G. Griswold,et al.  An Overview of AspectJ , 2001, ECOOP.

[12]  Yin Liu,et al.  Static Information Flow Analysis with Handling of Implicit Flows and a Study on Effects of Implicit Flows vs Explicit Flows , 2010, 2010 14th European Conference on Software Maintenance and Reengineering.

[13]  Yannis Cotronis,et al.  Data Provenance and Reproducibility in Grid Based Scientific Workflows , 2009, 2009 Workshops at the Grid and Pervasive Computing Conference.

[14]  Ahmad-Reza Sadeghi,et al.  SEDA: Scalable Embedded Device Attestation , 2015, CCS.

[15]  Bruno Defude,et al.  Document Provenance in the Cloud: Constraints and Challenges , 2010, EUNICE.

[16]  Jatinder Singh,et al.  Data Flow Management and Compliance in Cloud Computing , 2015, IEEE Cloud Computing.

[17]  Dharmesh Kakadia,et al.  Virtualization vs Containerization to Support PaaS , 2014, 2014 IEEE International Conference on Cloud Engineering.

[18]  Yogesh L. Simmhan,et al.  The Open Provenance Model core specification (v1.1) , 2011, Future Gener. Comput. Syst..

[19]  Shouhuai Xu,et al.  An Access Control Language for a General Provenance Model , 2009, Secure Data Management.

[20]  David M. Eyers,et al.  DEFCON: High-Performance Event Processing with Information Security , 2010, USENIX Annual Technical Conference.

[21]  Michael Franz,et al.  Fine-Grained Information Flow Analysis and Enforcement in a Java Virtual Machine , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).

[22]  Krzysztof Z. Gajos,et al.  Evaluation of Filesystem Provenance Visualization Tools , 2013, IEEE Transactions on Visualization and Computer Graphics.

[23]  Emil C. Lupu,et al.  Reconciling role based management and role based access control , 1997, RBAC '97.

[24]  Eddie Kohler,et al.  Manageable fine-grained information flow , 2008, Eurosys '08.

[25]  Tal Garfinkel,et al.  Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools , 2003, NDSS.

[26]  Tzilla Elrad,et al.  Aspect-oriented programming: Introduction , 2001, CACM.

[27]  Jon Crowcroft,et al.  Policy, Legal and Regulatory Implications of a Europe-Only Cloud , 2016, Int. J. Law Inf. Technol..

[28]  Bran Selic,et al.  A survey of fault tolerance mechanisms and checkpoint/restart implementations for high performance computing systems , 2013, The Journal of Supercomputing.

[29]  Dick Hardt,et al.  The OAuth 2.0 Authorization Framework , 2012, RFC.

[30]  Robin C. Meili,et al.  Can electronic medical record systems transform health care? Potential health benefits, savings, and costs. , 2005, Health affairs.

[31]  Jon Crowcroft,et al.  Regional Clouds: Technical Considerations , 2014 .

[32]  Margo I. Seltzer,et al.  A primer on provenance , 2014, CACM.

[33]  Shashi Shekhar,et al.  QUIRE: Lightweight Provenance for Smart Phone Operating Systems , 2011, USENIX Security Symposium.

[34]  Jean-Pierre Seifert,et al.  Beyond Kernel-Level Integrity Measurement: Enabling Remote Attestation for the Android Platform , 2010, TRUST.

[35]  David Brumley,et al.  All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask) , 2010, 2010 IEEE Symposium on Security and Privacy.

[36]  Gregor Kiczales,et al.  Using aspectC to improve the modularity of path-specific customization in operating system code , 2001, ESEC/FSE-9.

[37]  Peng Ning,et al.  Remote attestation to dynamic system properties: Towards providing complete system integrity evidence , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[38]  Imad M. Abbadi,et al.  Challenges for Provenance in Cloud Computing , 2011, TaPP.

[39]  Jatinder Singh,et al.  SBUS: a generic policy-enforcing middleware for open pervasive systems , 2014 .

[40]  Vitaly Shmatikov,et al.  πBox: A Platform for Privacy-Preserving Apps , 2013 .

[41]  Andrew C. Myers,et al.  SIF: Enforcing Confidentiality and Integrity in Web Applications , 2007, USENIX Security Symposium.

[42]  Torbjörn Ekman,et al.  Modularity first: a case for mixing AOP and attribute grammars , 2008, AOSD.

[43]  R. K. Shyamasundar,et al.  Realizing Purpose-Based Privacy Policies Succinctly via Information-Flow Labels , 2014, 2014 IEEE Fourth International Conference on Big Data and Cloud Computing.

[44]  Peng Li,et al.  Encoding information flow in Haskell , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).

[45]  Andrew Charlesworth Clash of the Data Titans?: US and EU Data Privacy Regulation , 2000 .

[46]  David M. Eyers,et al.  Information Flow Audit for Transparency and Compliance in the Handling of Personal Data , 2016, 2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW).

[47]  Silas Boyd-Wickizer,et al.  Securing Distributed Systems with Information Flow Control , 2008, NSDI.

[48]  David W. Chadwick,et al.  The PERMIS X.509 role based privilege management infrastructure , 2003, Future Gener. Comput. Syst..

[49]  Niraj K. Jha,et al.  Analysis and design of a hardware/software trusted platform module for embedded systems , 2008, TECS.

[50]  Margo I. Seltzer,et al.  Layering in Provenance Systems , 2009, USENIX Annual Technical Conference.

[51]  Jaehong Park,et al.  Adopting Provenance-Based Access Control in OpenStack Cloud IaaS , 2014, NSS.

[52]  Alessandro Orso,et al.  Dytan: a generic dynamic taint analysis framework , 2007, ISSTA '07.

[53]  Margo I. Seltzer,et al.  Provenance-Aware Storage Systems , 2006, USENIX ATC, General Track.

[54]  Trent Jaeger,et al.  Runtime verification of authorization hook placement for the linux security modules framework , 2002, CCS '02.

[55]  Dorothy E. Denning,et al.  A lattice model of secure information flow , 1976, CACM.

[56]  Frank Hill,et al.  An aspect-oriented security framework , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[57]  Trey Ideker,et al.  Cytoscape 2.8: new features for data integration and network visualization , 2010, Bioinform..

[58]  Daniel Kifer,et al.  Attacks on privacy and deFinetti's theorem , 2009, SIGMOD Conference.

[59]  Larry L. Peterson,et al.  Container-based operating system virtualization: a scalable, high-performance alternative to hypervisors , 2007, EuroSys '07.

[60]  James Newsom,et al.  Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software, Network and Distributed System Security Symposium Conference Proceedings : 2005 , 2005 .

[61]  Jean Bacon,et al.  A model of OASIS role-based access control and its support for active security , 2002, ACM Trans. Inf. Syst. Secur..

[62]  Zizi Papacharissi,et al.  Fifteen Minutes of Privacy: Privacy, Sociality, and Publicity on Social Network Sites , 2011, Privacy Online.

[63]  Eddie Kohler,et al.  Information flow control for standard OS abstractions , 2007, SOSP.

[64]  V. Vianu,et al.  Edinburgh Why and Where: A Characterization of Data Provenance , 2017 .

[65]  James A. Reeds,et al.  Multilevel security in the UNIX tradition , 1992, Softw. Pract. Exp..

[66]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[67]  Jean Bacon,et al.  FlowR: aspect oriented programming for information flow control in ruby , 2014, MODULARITY.

[68]  Marianne Winslett,et al.  Super-sticky and declassifiable release policies for flexible information dissemination control , 2006, WPES '06.

[69]  David M. Eyers,et al.  Data-Centric Access Control for Cloud Computing , 2016, SACMAT.

[70]  Peter J. Denning,et al.  Certification of programs for secure information flow , 1977, CACM.

[71]  Thomas Morris,et al.  Trusted Platform Module , 2011, Encyclopedia of Cryptography and Security.

[72]  Angelos D. Keromytis,et al.  Cloudopsy: An Autopsy of Data Flows in the Cloud , 2013, HCI.

[73]  Brian Lee,et al.  Towards Secure Provenance in the Cloud: A Survey , 2015, 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC).

[74]  Rodrigo Fonseca,et al.  Pivot tracing , 2018, USENIX ATC.

[75]  Andrew C. Myers,et al.  Secure Information Flow and CPS , 2001, ESOP.

[76]  Uri Braun,et al.  Provenance Integration Requires Reconciliation , 2011, TaPP.

[77]  A. W. Roscoe,et al.  What is intransitive noninterference? , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[78]  Guilherme Ottoni,et al.  RIFLE: An Architectural Framework for User-Centric Information-Flow Security , 2004, 37th International Symposium on Microarchitecture (MICRO-37'04).

[79]  Thomas F. J.-M. Pasquier,et al.  Expressing and Enforcing Location Requirements in the Cloud Using Information Flow Control , 2015, 2015 IEEE International Conference on Cloud Engineering.

[80]  Nick Feamster,et al.  SilverLine: Data and Network Isolation for Cloud Services , 2011, HotCloud.

[81]  Yoshihiro Oyama,et al.  Load-based covert channels between Xen virtual machines , 2010, SAC '10.

[82]  Jaehong Park,et al.  Dependency Path Patterns as the Foundation of Access Control in Provenance-aware Systems , 2012, TaPP.

[83]  Vern Paxson,et al.  The Matter of Heartbleed , 2014, Internet Measurement Conference.

[84]  Walid G. Aref,et al.  A Distributed Access Control Architecture for Cloud Computing , 2012, IEEE Software.

[85]  David Ingram Reconfigurable middleware for high availability sensor systems , 2009, DEBS '09.

[86]  Bruce Schneier,et al.  Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) , 1993, FSE.

[87]  Jon Crowcroft,et al.  Unclouded Vision , 2011, ICDCN.

[88]  Marina Egea,et al.  Coco-Cloud project: Confidential and compliant clouds , 2014, IEEE-EMBS International Conference on Biomedical and Health Informatics (BHI).

[89]  Andrei Sabelfeld,et al.  SeLINQ , 2014, ICFP.

[90]  Margo I. Seltzer,et al.  Securing Provenance , 2008, HotSec.

[91]  Marianne Winslett,et al.  Preventing history forgery with secure provenance , 2009, TOS.

[92]  Marc Chiarini,et al.  Collecting Provenance via the Xen Hypervisor , 2011, TaPP.

[93]  Maxwell N. Krohn,et al.  Information flow control for secure web sites , 2008 .

[94]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[95]  Beth Plale,et al.  Big Data Provenance Analysis and Visualization , 2015, 2015 15th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing.

[96]  Ravi S. Sandhu,et al.  Separation of Duties in Computerized Information Systems , 1990, DBSec.

[97]  Bradley Malin,et al.  Evaluating re-identification risks with respect to the HIPAA privacy rule , 2010, J. Am. Medical Informatics Assoc..

[98]  Chandra Krintz,et al.  AppScale: Scalable and Open AppEngine Application Development and Deployment , 2009, CloudComp.

[99]  Jatinder Singh,et al.  Information Flow Control for Strong Protection with Flexible Sharing in PaaS , 2015, 2015 IEEE International Conference on Cloud Engineering.

[100]  Vincent Simonet Flow Caml in a Nutshell , 2003 .

[101]  Andrew Tucker,et al.  Solaris Zones: Operating System Support for Server Consolidation , 2004, Virtual Machine Research and Technology Symposium.

[102]  Vitaly Shmatikov,et al.  Myths and fallacies of "Personally Identifiable Information" , 2010, Commun. ACM.

[103]  Geoffrey Smith,et al.  A Type-Based Approach to Program Security , 1997, TAPSOFT.

[104]  Kevin Kaichuan He Kernel korner: why and how to use netlink socket , 2005 .

[105]  David Bernstein,et al.  Containers and Cloud: From LXC to Docker to Kubernetes , 2014, IEEE Cloud Computing.

[106]  Adriane Chapman,et al.  It's About the Data: Provenance as a Tool for Assessing Data Fitness , 2012, TaPP.

[107]  Yogesh L. Simmhan,et al.  A survey of data provenance in e-science , 2005, SGMD.

[108]  Shouhuai Xu,et al.  A Characterization of the problem of secure provenance management , 2009, 2009 IEEE International Conference on Intelligence and Security Informatics.

[109]  Brian Shand,et al.  Information Flow Control for a Medical Records Web Portal , 2013 .

[110]  Vitaly Shmatikov,et al.  The cost of privacy: destruction of data-mining utility in anonymized data publishing , 2008, KDD.

[111]  Martin Bellamy,et al.  Adoption of Cloud Computing Services by Public Sector Organisations , 2013, 2013 IEEE Ninth World Congress on Services.

[112]  David Evans,et al.  SafeWeb: A Middleware for Securing Ruby-Based Web Applications , 2011, Middleware.

[113]  Wenke Lee,et al.  xBook: Redesigning Privacy Control in Social Networking Platforms , 2009, USENIX Security Symposium.

[114]  Devarshi Ghoshal,et al.  Visualization of network data provenance , 2012, 2012 19th International Conference on High Performance Computing.

[115]  Michael J. Nash,et al.  The Chinese Wall security policy , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[116]  Angelos D. Keromytis,et al.  CloudFence: Data Flow Tracking as a Cloud Service , 2013, RAID.

[117]  Andrey Ermolinskiy Design and Implementation of a Hypervisor-Based Platform for Dynamic Information Flow Tracking in a Distributed Environment , 2011 .

[118]  Wayne Salamon,et al.  Implementing SELinux as a Linux Security Module , 2003 .

[119]  K J Biba,et al.  Integrity Considerations for Secure Computer Systems , 1977 .

[120]  Colin Percival CACHE MISSING FOR FUN AND PROFIT , 2005 .

[121]  Roland Bless,et al.  CloudInspector: A Transparency-as-a-Service Solution for Legal Issues in Cloud Computing , 2016, 2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW).

[122]  Donald E. Porter,et al.  Practical Fine-Grained Information Flow Control Using Laminar , 2014, ACM Trans. Program. Lang. Syst..

[123]  Yurdaer N. Doganata,et al.  Business Provenance - A Technology to Increase Traceability of End-to-End Operations , 2008, OTM Conferences.

[124]  Steve Vandebogart,et al.  Make Least Privilege a Right (Not a Privilege) , 2005, HotOS.

[125]  Roberto Bifulco,et al.  ClickOS and the Art of Network Function Virtualization , 2014, NSDI.

[126]  Carl A. Gunter,et al.  Cumulative Attestation Kernels for Embedded Systems , 2009, ESORICS.

[127]  Mourad Debbabi,et al.  An aspect-oriented approach for the systematic security hardening of code , 2008, Comput. Secur..

[128]  Bhavani M. Thuraisingham,et al.  A language for provenance access control , 2011, CODASPY '11.

[129]  Olaf Spinczyk,et al.  The design and implementation of AspectC++ , 2007, Knowl. Based Syst..

[130]  Ben Niu,et al.  Efficient user-space information flow control , 2013, ASIA CCS '13.

[131]  Jatinder Singh,et al.  Managing Big Data with Information Flow Control , 2015, 2015 IEEE 8th International Conference on Cloud Computing.

[132]  Jatinder Singh,et al.  Securing tags to control information flows within the Internet of Things , 2015, 2015 International Conference on Recent Advances in Internet of Things (RIoT).

[133]  Patrick D. McDaniel,et al.  Hi-Fi: collecting high-fidelity whole-system provenance , 2012, ACSAC '12.

[134]  Chris I. Dalton,et al.  Dynamic label binding at run-time , 2003, NSPW '03.

[135]  Trent Jaeger,et al.  Consistency analysis of authorization hook placement in the Linux security modules framework , 2004, TSEC.

[136]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[137]  Somesh Jha,et al.  Automatic placement of authorization hooks in the linux security modules framework , 2005, CCS '05.

[138]  Jaehong Park,et al.  A provenance-based access control model , 2012, 2012 Tenth Annual International Conference on Privacy, Security and Trust.

[139]  Siani Pearson,et al.  Sticky Policies: An Approach for Managing Privacy across Multiple Parties , 2011, Computer.

[140]  Andrew C. Myers,et al.  JFlow: practical mostly-static information flow control , 1999, POPL '99.

[141]  David M. Eyers,et al.  Integrating Messaging Middleware and Information Flow Control , 2015, 2015 IEEE International Conference on Cloud Engineering.

[142]  Jatinder Singh,et al.  Clouds of Things Need Information Flow Control with Hardware Roots of Trust , 2015, 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom).

[143]  David M. Eyers,et al.  Information Flow Audit for PaaS Clouds , 2016, 2016 IEEE International Conference on Cloud Engineering (IC2E).

[144]  Ravi S. Sandhu,et al.  Binding identities and attributes using digitally signed certificates , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[145]  Geoffrey Smith,et al.  A Sound Type System for Secure Flow Analysis , 1996, J. Comput. Secur..

[146]  Éric Tanter,et al.  Secure and modular access control with aspects , 2013, AOSD.

[147]  Paul Watson,et al.  Achieving reproducibility by combining provenance with service and workflow versioning , 2011, WORKS '11.

[148]  David M. Eyers,et al.  Policy enforcement within emerging distributed, event-based systems , 2014, DEBS '14.

[149]  Boon Thau Loo,et al.  Provenance-aware secure networks , 2008, 2008 IEEE 24th International Conference on Data Engineering Workshop.

[150]  Stefan Berger,et al.  vTPM: Virtualizing the Trusted Platform Module , 2006, USENIX Security Symposium.

[151]  Cristina V. Lopes,et al.  Aspect-oriented programming , 1999, ECOOP Workshops.

[152]  Barbara Liskov,et al.  IFDB: decentralized information flow control for databases , 2013, EuroSys '13.

[153]  Crispin Cowan,et al.  Linux security modules: general security support for the linux kernel , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[154]  Vinod Vaikuntanathan,et al.  Can homomorphic encryption be practical? , 2011, CCSW '11.

[155]  Philip Turner,et al.  Digital provenance - interpretation, verification and corroboration , 2005, Digit. Investig..

[156]  Bradley Malin,et al.  How (not) to protect genomic data privacy in a distributed network: using trail re-identification to evaluate and design anonymity protection systems , 2004, J. Biomed. Informatics.

[157]  Kevin R. B. Butler,et al.  Towards secure provenance-based access control in cloud environments , 2013, CODASPY.

[158]  Robert Wisniewski relayfs : An Efficient Unified Approach for Transmitting Data from Kernel to User Space , 2003 .

[159]  David A. Bell,et al.  Secure computer systems: mathematical foundations and model , 1973 .

[160]  Carla E. Brodley,et al.  IP covert timing channels: design and detection , 2004, CCS '04.

[161]  Peter R. Pietzuch,et al.  PHP Aspis: Using Partial Taint Tracking to Protect Against Injection Attacks , 2011, WebApps.

[162]  Eddie Kohler,et al.  Making information flow explicit in HiStar , 2006, OSDI '06.

[163]  David M. Eyers,et al.  FlowWatcher: Defending against Data Disclosure Vulnerabilities in Web Applications , 2015, CCS.

[164]  Klaus Wehrle,et al.  A Cloud design for user-controlled storage and processing of sensor data , 2012, 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings.

[165]  Jatinder Singh,et al.  Camflow: Managed Data-Sharing for Cloud Services , 2015, IEEE Transactions on Cloud Computing.

[166]  Andrew C. Myers,et al.  Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..

[167]  Ashish Gehani,et al.  SPADE: Support for Provenance Auditing in Distributed Environments , 2012, Middleware.

[168]  David Sands,et al.  Controlled Declassification Based on Intransitive Noninterference , 2004, APLAS.

[169]  Jaehong Park,et al.  Towards provenance-based access control with feasible overhead , 2014, 2014 International Conference on Information Science, Electronics and Electrical Engineering.

[170]  Cristina V. Lopes,et al.  Aspect-oriented programming , 1999, ECOOP Workshops.

[171]  Pietro Iglio,et al.  Role templates for content-based access control , 1997, RBAC '97.

[172]  Deian Stefan,et al.  Data-Provenance Verification For Secure Hosts , 2012, IEEE Transactions on Dependable and Secure Computing.

[173]  Christopher Allen,et al.  The TLS Protocol Version 1.0 , 1999, RFC.

[174]  Bu Sung Lee,et al.  From system-centric to data-centric logging - Accountability, trust & security in cloud computing , 2011, 2011 Defense Science Research Conference and Expo (DSR).

[175]  Krishna P. Gummadi,et al.  Towards Trusted Cloud Computing , 2009, HotCloud.

[176]  David M. Eyers,et al.  FlowK: Information Flow Control for the Cloud , 2014, 2014 IEEE 6th International Conference on Cloud Computing Technology and Science.

[177]  Claudia Eckert,et al.  Practical information-flow aware middleware for in-car communication , 2013, CyCAR '13.

[178]  Markus Quaritsch,et al.  Linux Security Modules Enhancements : Module Stacking Framework and TCP State Transition Hooks for State-Driven NIDS , 2004 .

[179]  Winnie Cheng,et al.  Abstractions for Usable Information Flow Control in Aeolus , 2012, USENIX Annual Technical Conference.

[180]  R. Ramachandran AspectJ for Multilevel Security , 2006 .

[181]  Yuguang Fang,et al.  Privacy and security for online social networks: challenges and opportunities , 2010, IEEE Network.

[182]  Russ Housley,et al.  An Internet Attribute Certificate Profile for Authorization , 2002, RFC.

[183]  Mohammad Khalid Pandit,et al.  Applying Aspect Oriented Programming on Security , 2015 .

[184]  Christopher A Cassa,et al.  Re-identification of home addresses from spatial locations anonymized by Gaussian skew , 2008, International journal of health geographics.

[185]  Andrew C. Myers,et al.  Complete, safe information flow with decentralized labels , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[186]  Nikolai Tillmann,et al.  User-aware privacy control via extended static-information-flow analysis , 2012, 2012 Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering.

[187]  David W. Chadwick,et al.  Enforcing "sticky" security policies throughout a distributed application , 2008, MidSec '08.

[188]  Jon Crowcroft,et al.  Jitsu: Just-In-Time Summoning of Unikernels , 2015, NSDI.

[189]  Andrew C. Myers,et al.  Protecting privacy using the decentralized label model , 2003, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[190]  Christopher Millard,et al.  Cloud Computing Law , 2013 .

[191]  Thomas Moyer,et al.  Trustworthy Whole-System Provenance for the Linux Kernel , 2015, USENIX Security Symposium.

[192]  Wei-Yang Lin,et al.  Intrusion detection by machine learning: A review , 2009, Expert Syst. Appl..

[193]  Bob Duncan,et al.  Enhancing Cloud Security and Privacy: Broadening the Service Level Agreement , 2015, 2015 IEEE Trustcom/BigDataSE/ISPA.

[194]  Paal E. Engelstad,et al.  IncludeOS: A Minimal, Resource Efficient Unikernel for Cloud Services , 2015, 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom).

[195]  David J. Scott,et al.  Unikernels: the rise of the virtual library operating system , 2013, CACM.

[196]  Rania Fahim El-Gazzar,et al.  A Literature Review on Cloud Computing Adoption Issues in Enterprises , 2014, TDIT.

[197]  David Safford,et al.  Trustworthy geographically fenced hybrid clouds , 2014, Middleware.

[198]  Donald E. Porter,et al.  Laminar: practical fine-grained decentralized information flow control , 2009, PLDI '09.

[199]  Tzi-cker Chiueh,et al.  A General Dynamic Information Flow Tracking Framework for Security Applications , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[200]  Cristina V. Lopes,et al.  A study on exception detection and handling using aspect-oriented programming , 2000, Proceedings of the 2000 International Conference on Software Engineering. ICSE 2000 the New Millennium.

[201]  Stefan Berger,et al.  Shamon: A System for Distributed Mandatory Access Control , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[202]  Angelos D. Keromytis,et al.  libdft: practical dynamic data flow tracking for commodity systems , 2012, VEE '12.

[203]  Jens Palsberg,et al.  Trust in the λ-calculus , 1995, Journal of Functional Programming.

[204]  Mick Bauer,et al.  Paranoid penguin: an introduction to Novell AppArmor , 2006 .

[205]  Silvia Gordillo,et al.  Aspect Coordination for Web Applications in Java / AspectJ and Ruby / Aquarium , 2009 .

[206]  Robert N. M. Watson,et al.  Exploiting Concurrency Vulnerabilities in System Call Wrappers , 2007, WOOT.

[207]  Jon Crowcroft,et al.  Turning Down the LAMP: Software Specialisation for the Cloud , 2010, HotCloud.

[208]  Jing Zhang,et al.  Do You Know Where Your Data's Been? - Tamper-Evident Database Provenance , 2009, Secure Data Management.

[209]  D. Richard Kuhn,et al.  Attribute-Based Access Control , 2017, Computer.

[210]  Cheng Wang,et al.  LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks , 2006, 2006 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO'06).

[211]  Andrew C. Myers,et al.  A decentralized model for information flow control , 1997, SOSP.

[212]  Margo I. Seltzer,et al.  Issues in Automatic Provenance Collection , 2006, IPAW.

[213]  Stefan Berger,et al.  Scalable Attestation: A Step Toward Secure and Trusted Clouds , 2015, 2015 IEEE International Conference on Cloud Engineering.