{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T15:14:19Z","timestamp":1772032459644,"version":"3.50.1"},"publisher-location":"Cham","reference-count":53,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031223075","type":"print"},{"value":"9783031223082","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-22308-2_5","type":"book-chapter","created":{"date-parts":[[2022,12,1]],"date-time":"2022-12-01T19:55:03Z","timestamp":1669924503000},"page":"74-103","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["SecWasm: Information Flow Control for\u00a0WebAssembly"],"prefix":"10.1007","author":[{"given":"Iulia","family":"Bastys","sequence":"first","affiliation":[]},{"given":"Maximilian","family":"Algehed","sequence":"additional","affiliation":[]},{"given":"Alexander","family":"Sj\u00f6sten","sequence":"additional","affiliation":[]},{"given":"Andrei","family":"Sabelfeld","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,12,2]]},"reference":[{"key":"5_CR1","unstructured":"Ethereum WebAssembly (ewasm). http:\/\/ewasm.readthedocs.io\/en\/mkdocs"},{"key":"5_CR2","unstructured":"WebAssembly Security. http:\/\/webassembly.org\/docs\/security"},{"key":"5_CR3","doi-asserted-by":"crossref","unstructured":"Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity principles, implementations, and applications. Trans. Inf. Syst. Sec. 13, 1\u201340 (2009)","DOI":"10.1145\/1609956.1609960"},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Askarov, A., Hunt, S., Sabelfeld, A., Sands, D.: Termination-insensitive noninterference leaks more than just a bit. In: ESORICS (2008)","DOI":"10.1007\/978-3-540-88313-5_22"},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"Barthe, G., Pichardie, D., Rezk, T.: A certified lightweight non-interference java bytecode verifier. Math. Struct. Comput. Sci. 23(05), 125\u2013140 (2013)","DOI":"10.1007\/978-3-540-71316-6_10"},{"key":"5_CR6","unstructured":"Bastys, I., Algehed, M., Sj\u00f6sten, A., Sabelfeld., A.: SecWasm: Information Flow Control in WebAssembly\u2013Full version (2022). http:\/\/www.cse.chalmers.se\/research\/group\/security\/secwasm\/"},{"key":"5_CR7","doi-asserted-by":"crossref","unstructured":"Bernardeschi, C., De Francesco, N.: Combining abstract interpretation and model checking for analysing security properties of Java Bytecode. In: VMCAI (2002)","DOI":"10.1007\/3-540-47813-2_1"},{"key":"5_CR8","doi-asserted-by":"crossref","unstructured":"Besson, F., Bielova, N., Jensen, T.P.: Hybrid information flow monitoring against web tracking. In: CSF (2013)","DOI":"10.1109\/CSF.2013.23"},{"key":"5_CR9","doi-asserted-by":"crossref","unstructured":"Bichhawat, A., McCall, M., Jia, L.: Gradual security types and gradual guarantees. In: CSF (2021)","DOI":"10.1109\/CSF51468.2021.00015"},{"key":"5_CR10","doi-asserted-by":"crossref","unstructured":"Bichhawat, A., Rajani, V., Garg, D., Hammer, C.: Information flow control in Webkit\u2019s javascript bytecode. In: POST (2014)","DOI":"10.1007\/978-3-642-54792-8_9"},{"key":"5_CR11","doi-asserted-by":"crossref","unstructured":"Bieber, P., Cazin, J., Girard, P., Lanet, J., Wiels, V., Zanon, G.: Checking secure interactions of smart card applets: extended version. J. Comput. Secur. 10, 369\u2013398 (2002)","DOI":"10.3233\/JCS-2002-10404"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Birgisson, A., Russo, A., Sabelfeld, A.: Unifying facets of information integrity. In: ICISS (2010)","DOI":"10.1007\/978-3-642-17714-9_5"},{"key":"5_CR13","unstructured":"Bonelli, E., Compagnoni, A., Medel, R.: SIFTAL: a typed assembly language for secure information flow analysis. Technical report (2004)"},{"key":"5_CR14","doi-asserted-by":"crossref","unstructured":"Buiras, P., Vytiniotis, D., Russo, A.: HLIO: mixing static and dynamic typing for information-flow control in Haskell. In: ICFP (2015)","DOI":"10.1145\/2784731.2784758"},{"key":"5_CR15","doi-asserted-by":"crossref","unstructured":"Cassel, D., Huang, Y., Jia, L.: FlowNotation: uncovering information flow policy violations in C Programs. CoRR, abs\/1907.01727 (2019)","DOI":"10.1007\/978-3-030-29962-0_2"},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"De Francesco, N., Martini, N.: Instruction-level security analysis for information flow in stack-based assembly languages. Inf. Comput. 205, 1334\u20131370 (2007)","DOI":"10.1016\/j.ic.2007.04.002"},{"key":"5_CR17","unstructured":"Disney, T., Flanagan, C.: Gradual information flow typing. In: STOP (2011)"},{"key":"5_CR18","doi-asserted-by":"crossref","unstructured":"Disselkoen, C., Renner, J., Watt, C., Garfinkel, T., Levy, A., Stefan, D.: Position paper: progressive memory safety for WebAssembly. In: HASP@ISCA (2019)","DOI":"10.1145\/3337167.3337171"},{"key":"5_CR19","unstructured":"Fu, W., Lin, R., Inge, D.: TaintAssembly: taint-based information flow control tracking for WebAssembly. CoRR, abs\/1802.01050 (2018)"},{"key":"5_CR20","doi-asserted-by":"crossref","unstructured":"Genaim, S., Spoto, F.: Information flow analysis for java bytecode. In: VMCAI (2005)","DOI":"10.1007\/978-3-540-30579-8_23"},{"key":"5_CR21","doi-asserted-by":"crossref","unstructured":"Geraldo, E., Santos, J.F., Seco, J.C.: Hybrid information flow control for low-level code. In: SEFM (2021)","DOI":"10.1007\/978-3-030-92124-8_9"},{"key":"5_CR22","doi-asserted-by":"crossref","unstructured":"Haas, A., et al.: Bringing the web up to speed with webassembly. In: PLDI (2017)","DOI":"10.1145\/3062341.3062363"},{"key":"5_CR23","doi-asserted-by":"crossref","unstructured":"Hedin, D., Bello, L., Sabelfeld, A.: Value-sensitive hybrid information flow control for a javascript-like language. In: CSF (2015)","DOI":"10.1109\/CSF.2015.31"},{"key":"5_CR24","unstructured":"Hoffman, K.: WebAssembly in the cloud. http:\/\/medium.com\/@KevinHoffman\/webassembly-in-the-cloud-2f637f72d9a9"},{"key":"5_CR25","unstructured":"Kobayashi, N., Shirane, K.: Type-based information analysis for low-level languages. In: APLAS (2002)"},{"key":"5_CR26","doi-asserted-by":"crossref","unstructured":"Le Guernic, G.: Automaton-based confidentiality monitoring of concurrent programs. In: CSF (2007)","DOI":"10.1109\/CSF.2007.10"},{"key":"5_CR27","unstructured":"Lehmann, D., Kinder, J., Pradel, M.: Everything old is new again: binary security of WebAssembly. In: USENIX Security (2020)"},{"key":"5_CR28","doi-asserted-by":"crossref","unstructured":"Lehmann, D., Pradel, M.: Wasabi: a framework for dynamically analyzing WebAssembly. In: ASPLOS (2019)","DOI":"10.1145\/3297858.3304068"},{"key":"5_CR29","doi-asserted-by":"crossref","unstructured":"Medel, R., Compagnoni, A.B., Bonelli, E.: A typed assembly language for non-interference. In: ICTCS (2005)","DOI":"10.1007\/11560586_29"},{"key":"5_CR30","doi-asserted-by":"crossref","unstructured":"Morrisett, J.G., Walker, D., Crary, K., Glew, N.: From system F to typed assembly language. ACM Trans. Progr. Lang. Sys. 21, 527\u2013568 (1999)","DOI":"10.1145\/319301.319345"},{"key":"5_CR31","doi-asserted-by":"crossref","unstructured":"Myers, A.C., Liskov, B.: A decentralized model for information flow control. In: SOSP (1997)","DOI":"10.1145\/268998.266669"},{"key":"5_CR32","doi-asserted-by":"crossref","unstructured":"Myers, A.C., Sabelfeld, A., Zdancewic, S.: Enforcing robust declassification and qualified robustness. J. Comput. Secur. 14, 157\u2013196 (2006)","DOI":"10.3233\/JCS-2006-14203"},{"key":"5_CR33","unstructured":"Narayan, S., et al.: Swivel: hardening WebAssembly against Spectre. In: USENIX Security (2021)"},{"key":"5_CR34","doi-asserted-by":"crossref","unstructured":"Rastogi, A., Swamy, N., Fournet, C., Bierman, G.M., Vekris, P.: Safe & efficient gradual typing for TypeScript. In: POPL (2015)","DOI":"10.1145\/2676726.2676971"},{"key":"5_CR35","doi-asserted-by":"crossref","unstructured":"Russo, A., Sabelfeld, A.: Dynamic vs. static flow-sensitive security analysis, In: CSF (2010)","DOI":"10.1109\/CSF.2010.20"},{"key":"5_CR36","doi-asserted-by":"crossref","unstructured":"Sabelfeld, A., Myers, A.C.: Language-based information-flow security. J. Select. Areas Commun. 21 (2003)","DOI":"10.1109\/JSAC.2002.806121"},{"key":"5_CR37","unstructured":"Sabelfeld, A., Sands, D.: Declassification: dimensions and principles. In: 18th IEEE Workshop on Computer Security Foundations, 2009. CSFW-18 (2009)"},{"key":"5_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-319-28766-9_5","volume-title":"Trustworthy Global Computing","author":"J Fragoso Santos","year":"2016","unstructured":"Fragoso Santos, J., Jensen, T., Rezk, T., Schmitt, A.: Hybrid typing of secure information flow in a JavaScript-like language. In: Ganty, P., Loreti, M. (eds.) TGC 2015. LNCS, vol. 9533, pp. 63\u201378. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-28766-9_5"},{"key":"5_CR39","unstructured":"Siek, J., Taha, W.: Gradual typing for functional languages. In: Scheme and Functional Programming Workshop (SFP) (2006)"},{"key":"5_CR40","unstructured":"Singh, R.G., Scholliers, C.: WARDuino: a dynamic WebAssembly virtual machine for programming microcontrollers. In: MPLR (2019)"},{"key":"5_CR41","doi-asserted-by":"crossref","unstructured":"Sti\u00e9venart, Q., De Roover, C.: Compositional information flow analysis for WebAssembly programs. In: SCAM (2020)","DOI":"10.1109\/SCAM51674.2020.00007"},{"key":"5_CR42","doi-asserted-by":"crossref","unstructured":"Swamy, N., et al.: Gradual Typing embedded securely in JavaScript. In: POPL (2014)","DOI":"10.1145\/2535838.2535889"},{"key":"5_CR43","unstructured":"Szanto, A., Tamm, T., Pagnoni, A.: Taint tracking for WebAssembly. CoRR, abs\/1807.08349 (2018)"},{"key":"5_CR44","doi-asserted-by":"crossref","unstructured":"Szefer, J.: Survey of microarchitectural side and covert channels, attacks, and defenses. J. Hardw. Syst. Secur. 3, 219\u2013234 (2019)","DOI":"10.1007\/s41635-018-0046-1"},{"key":"5_CR45","doi-asserted-by":"crossref","unstructured":"Tsoupidi, R., Balliu, M., Baudry, B.: Vivienne: relational verification of cryptographic implementations in WebAssembly. In IEEE Secure Development Conference, SecDev 2021, Atlanta, GA, USA, 18\u201320 October 2021, pp. 94\u2013102. IEEE (2021)","DOI":"10.1109\/SecDev51306.2021.00029"},{"key":"5_CR46","unstructured":"Vogt, P., et al.: Cross site scripting prevention with dynamic data tainting and static analysis. In: NDSS (2007)"},{"key":"5_CR47","unstructured":"W3C. WebAssembly Core Specification. https:\/\/www.w3.org\/TR\/wasm-core-1\/"},{"key":"5_CR48","unstructured":"Wagner, L.: WebAssembly consensus and end of browser preview. https:\/\/lists.w3.org\/Archives\/Public\/public-webassembly\/2017Feb\/0002.html"},{"key":"5_CR49","doi-asserted-by":"crossref","unstructured":"Watt, C., Renner, J., Popescu, N., Cauligi, S., Stefan, D.: CT-WASM: type-driven secure cryptography for the web ecosystem. In: POPL (2019)","DOI":"10.1145\/3290390"},{"key":"5_CR50","unstructured":"WebAssembly Community Group. WebAssembly Specification, current version. https:\/\/webassembly.github.io\/spec\/core\/"},{"key":"5_CR51","doi-asserted-by":"crossref","unstructured":"Wen, E., Weber, C.: Wasmachine: Bring IoT up to speed with a WebAssembly OS. In: PerCom Workshops (2020)","DOI":"10.1109\/PerComWorkshops48775.2020.9156135"},{"key":"5_CR52","doi-asserted-by":"crossref","unstructured":"Yu, D., Islam, N.: A typed assembly language for confidentiality. In: ESOP (2006)","DOI":"10.1007\/11693024_12"},{"key":"5_CR53","unstructured":"Zdancewic, S.A.: Programming languages for information security. Ph.D. Thesis, Cornell University (2002)"}],"container-title":["Lecture Notes in Computer Science","Static Analysis"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-22308-2_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,1]],"date-time":"2022-12-01T19:56:11Z","timestamp":1669924571000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-22308-2_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031223075","9783031223082"],"references-count":53,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-22308-2_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"2 December 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SAS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Static Analysis Symposium","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Auckland","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"New Zealand","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 December 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sas2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.staticanalysis.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"43","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"42% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6.1","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}