{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:44:30Z","timestamp":1772041470365,"version":"3.50.1"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783031081460","type":"print"},{"value":"9783031081477","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-08147-7_10","type":"book-chapter","created":{"date-parts":[[2022,6,14]],"date-time":"2022-06-14T16:43:08Z","timestamp":1655224988000},"page":"146-161","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Automatic Annotation of\u00a0Confidential Data in\u00a0Java Code"],"prefix":"10.1007","author":[{"given":"Iulia","family":"Bastys","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pauline","family":"Bolignano","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Franco","family":"Raimondi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniel","family":"Schoepe","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,6,15]]},"reference":[{"key":"10_CR1","unstructured":"Checker framework. https:\/\/checkerframework.org\/manual\/"},{"key":"10_CR2","unstructured":"Doop framework. https:\/\/bitbucket.org\/yanniss\/doop\/src\/master\/"},{"key":"10_CR3","unstructured":"Java Vulnerability Detection. https:\/\/labs.oracle.com\/pls\/apex\/f?p=labs:49:::::P49_PROJECT_ID:122"},{"key":"10_CR4","unstructured":"MUDetect. https:\/\/github.com\/stg-tud\/MUDetect"},{"key":"10_CR5","unstructured":"SecuriBench-micro. https:\/\/github.com\/too4words\/securibench-micro"},{"key":"10_CR6","unstructured":"Souffl\u00e9. https:\/\/souffle-lang.github.io"},{"key":"10_CR7","unstructured":"Amann, S., Nguyen, H.A., Nadi, S., Nguyen, T.N., Mezini, M.: Investigating next steps in static API-misuse detection. In: MSR 2019, 26\u201327 May 2019, Montreal, Canada (2019)"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"Arzt, S., et al.: Flowdroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. In: PLDI 2014, Edinburgh, United Kingdom, 09\u201311 June 2014, pp. 259\u2013269 (2014)","DOI":"10.1145\/2666356.2594299"},{"issue":"4\u20135","key":"10_CR9","doi-asserted-by":"publisher","first-page":"323","DOI":"10.3233\/JCS-15791","volume":"25","author":"N Broberg","year":"2017","unstructured":"Broberg, N., van Delft, B., Sands, D.: Paragon - practical programming with information flow control. J. Comput. Secur. 25(4\u20135), 323\u2013365 (2017)","journal-title":"J. Comput. Secur."},{"key":"10_CR10","doi-asserted-by":"crossref","unstructured":"Buiras, P., Vytiniotis, D., Russo, A.: HLIO: mixing static and dynamic typing for information-flow control in haskell. In: Proceedings of the 20th ACM SIGPLAN International Conference on Functional Programming, ICFP 2015, Vancouver, BC, Canada, 1\u20133 September 2015, pp. 289\u2013301 (2015)","DOI":"10.1145\/2784731.2784758"},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"Christakis, M., Bird, C.: What developers want and need from program analysis: an empirical study. In: Proceedings of the 31st IEEE\/ACM International Conference on Automated Software Engineering, pp. 332\u2013343 (2016)","DOI":"10.1145\/2970276.2970347"},{"key":"10_CR12","unstructured":"ECMA International: Standard ECMA-262 - ECMAScript Language Specification. 5.1 edn, June 2011"},{"key":"10_CR13","unstructured":"Enck, W., et al.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010, 4\u20136 October 2010, Vancouver, BC, Canada, pp. 393\u2013407 (2010)"},{"issue":"6","key":"10_CR14","doi-asserted-by":"publisher","first-page":"399","DOI":"10.1007\/s10207-009-0086-1","volume":"8","author":"C Hammer","year":"2009","unstructured":"Hammer, C., Snelting, G.: Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs. Int. J. Inf. Secur. 8(6), 399\u2013422 (2009)","journal-title":"Int. J. Inf. Secur."},{"key":"10_CR15","doi-asserted-by":"crossref","unstructured":"Hedin, D., Birgisson, A., Bello, L., Sabelfeld, A.: JSFlow: tracking information flow in JavaScript and its APIs. In: SAC (2014)","DOI":"10.1145\/2554850.2554909"},{"key":"10_CR16","unstructured":"Hedin, D., Sabelfeld, A.: A perspective on information-flow control. In: Software Safety and Security - Tools for Analysis and Verification, pp. 319\u2013347 (2012)"},{"key":"10_CR17","doi-asserted-by":"crossref","unstructured":"Li, B., Ma, R., Wang, X., Wang, X., He, J.: DepTaint: a static taint analysis method based on program dependence. In: Proceedings of the 2020 4th International Conference on Management Engineering, Software Engineering and Service Sciences, pp. 34\u201341 (2020)","DOI":"10.1145\/3380625.3380642"},{"key":"10_CR18","doi-asserted-by":"crossref","unstructured":"Livshits, V.B., Nori, A.V., Rajamani, S.K., Banerjee, A.: Merlin: specification inference for explicit information flow problems. In: PLDI 2009, Dublin, Ireland, 15\u201321 June 2009, pp. 75\u201386 (2009)","DOI":"10.1145\/1543135.1542485"},{"key":"10_CR19","doi-asserted-by":"crossref","unstructured":"Mover, S., Sankaranarayanan, S., Olsen, R.B.P., Chang, B.E.: Mining framework usage graphs from app corpora. In: 25th International Conference on Software Analysis, Evolution and Reengineering, SANER 2018, Campobasso, Italy, 20\u201323 March 2018 (2018)","DOI":"10.1109\/SANER.2018.8330216"},{"key":"10_CR20","unstructured":"Myers, A.C., Zheng, L., Zdancewic, S., Chong, S., Nystrom, N.: Jif 3.0: Java information flow, July 2006. http:\/\/www.cs.cornell.edu\/jif"},{"key":"10_CR21","doi-asserted-by":"crossref","unstructured":"Nguyen, T.T., Nguyen, H.A., Pham, N.H., Al-Kofahi, J.M., Nguyen, T.N.: Graph-based mining of multiple object usage patterns. In: ESEC\/FSE, 2009, Amsterdam, The Netherlands, 24\u201328 August 2009 (2009)","DOI":"10.1145\/1595696.1595767"},{"key":"10_CR22","doi-asserted-by":"crossref","unstructured":"Pottier, F., Simonet, V.: Information flow inference for ML. In: Conference Record of POPL 2002: The 29th SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Portland, OR, USA, 16\u201318 January 2002, pp. 319\u2013330 (2002)","DOI":"10.1145\/565816.503302"},{"key":"10_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"352","DOI":"10.1007\/978-3-642-11486-1_30","volume-title":"Perspectives of Systems Informatics","author":"A Sabelfeld","year":"2010","unstructured":"Sabelfeld, A., Russo, A.: From dynamic to static and back: riding the roller coaster of information-flow control research. In: Pnueli, A., Virbitskaite, I., Voronkov, A. (eds.) PSI 2009. LNCS, vol. 5947, pp. 352\u2013365. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-11486-1_30"},{"key":"10_CR24","doi-asserted-by":"crossref","unstructured":"Schoepe, D., Balliu, M., Pierce, B.C., Sabelfeld, A.: Explicit secrecy: a policy for taint tracking. In: IEEE European Symposium on Security and Privacy, EuroS&P 2016, Saarbr\u00fccken, Germany, 21\u201324 March 2016, pp. 15\u201330 (2016)","DOI":"10.1109\/EuroSP.2016.14"},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: 31st IEEE Symposium on Security and Privacy, S&P 2010, 16\u201319 May 2010, Berleley\/Oakland, California, USA, pp. 317\u2013331 (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"10_CR26","doi-asserted-by":"crossref","unstructured":"Stefan, D., Russo, A., Mitchell, J.C., Mazi\u00e8res, D.: Flexible dynamic information flow control in haskell. In: Proceedings of the 4th ACM SIGPLAN Symposium on Haskell, Haskell 2011, Tokyo, Japan, 22 September 2011, pp. 95\u2013106 (2011)","DOI":"10.1145\/2034675.2034688"},{"key":"10_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"290","DOI":"10.1007\/978-3-319-03542-0_21","volume-title":"Programming Languages and Systems","author":"H Zhu","year":"2013","unstructured":"Zhu, H., Dillig, T., Dillig, I.: Automated inference of library specifications for source-sink property verification. In: Shan, C. (ed.) APLAS 2013. LNCS, vol. 8301, pp. 290\u2013306. Springer, Cham (2013). https:\/\/doi.org\/10.1007\/978-3-319-03542-0_21"}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-08147-7_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,14]],"date-time":"2022-06-14T16:44:29Z","timestamp":1655225069000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-08147-7_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031081460","9783031081477"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-08147-7_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"15 June 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FPS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Foundations and Practice of Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Paris","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 December 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 December 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fps2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.fps-2021.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"62","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"29% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}