{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T20:57:21Z","timestamp":1776891441196,"version":"3.51.2"},"reference-count":64,"publisher":"Centre pour la Communication Scientifique Directe (CCSD)","license":[{"start":{"date-parts":[[2017,1,12]],"date-time":"2017-01-12T00:00:00Z","timestamp":1484179200000},"content-version":"unspecified","delay-in-days":11,"URL":"https:\/\/www.cambridge.org\/core\/terms"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J. Funct. Prog."],"published-print":{"date-parts":[[2017]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>\n                    We describe a language-based, dynamic information flow control (IFC) system called LIO. Our system presents a new design point for IFC, influenced by the challenge of implementing IFC as a Haskell library, as opposed to the more typical approach of modifying the language runtime system. In particular, we take a coarse-grained, floating-label approach, previously used by IFC Operating Systems, and associate a single, mutable label\u2014the\n                    <jats:italic>current label<\/jats:italic>\n                    \u2014with all the data in a computation's context. This label is always raised to reflect the reading of sensitive information and it is used to restrict the underlying computation's effects. To preserve the flexibility of fine-grained systems, LIO also provides programmers with a means for associating an explicit label with a piece of data. Interestingly, these labeled values can be used to encapsulate the results of sensitive computations which would otherwise lead to the creeping of the current label. Unlike other language-based systems, LIO also bounds the current label with a\n                    <jats:italic>current clearance<\/jats:italic>\n                    , providing a form of discretionary access control that LIO programs can use to deal with covert channels. Moreover, LIO provides programmers with mutable references and exceptions. The latter, exceptions, are used in LIO to encode and recover from monitor failures, all while preserving data confidentiality and integrity\u2014this addresses a longstanding concern that dynamic IFC is inherently prone to information leakage due to monitor failure.\n                  <\/jats:p>","DOI":"10.1017\/s0956796816000241","type":"journal-article","created":{"date-parts":[[2017,1,12]],"date-time":"2017-01-12T03:04:22Z","timestamp":1484190262000},"source":"Crossref","is-referenced-by-count":16,"title":["Flexible dynamic information flow control in the presence of exceptions"],"prefix":"10.46298","volume":"27","author":[{"given":"DEIAN","family":"STEFAN","sequence":"first","affiliation":[]},{"given":"DAVID","family":"MAZI\u00c8RES","sequence":"additional","affiliation":[]},{"given":"JOHN C.","family":"MITCHELL","sequence":"additional","affiliation":[]},{"given":"ALEJANDRO","family":"RUSSO","sequence":"additional","affiliation":[]}],"member":"25203","published-online":{"date-parts":[[2017,1,12]]},"reference":[{"key":"S0956796816000241_ref55","volume-title":"Proceedings of Symposium on Haskell","author":"Terei","year":"2012"},{"key":"S0956796816000241_ref4","volume-title":"Proceedings of Computer Security Foundations symposium","author":"Askarov","year":"2009"},{"key":"S0956796816000241_ref49","volume-title":"Proceedings of International Conference on Functional Programming","author":"Stefan","year":"2012"},{"key":"S0956796816000241_ref21","volume-title":"Proceedings of Computer Security Foundations Workshop","author":"Harrison","year":"2005"},{"key":"S0956796816000241_ref44","volume-title":"Proceedings of Computer Security Foundations Symposium","author":"Russo","year":"2010"},{"key":"S0956796816000241_ref6","doi-asserted-by":"publisher","DOI":"10.1017\/S095679680900728X"},{"key":"S0956796816000241_ref23","volume-title":"Proceedings of Computer Security Foundations Workshop","author":"Hedin","year":"2006"},{"key":"S0956796816000241_ref16","volume-title":"Proceedings of Workshop on Types in Language Design and Implementation","author":"Devriese","year":"2011"},{"key":"S0956796816000241_ref37","first-page":"410","article-title":"Protecting privacy using the decentralized label model","volume":"9","author":"Myers","year":"2000","journal-title":"ACM Trans. Comput. Syst."},{"key":"S0956796816000241_ref14","doi-asserted-by":"publisher","DOI":"10.1145\/359636.359712"},{"key":"S0956796816000241_ref63","first-page":"15","volume-title":"csfw","author":"Zdancewic","year":"2001"},{"key":"S0956796816000241_ref12","doi-asserted-by":"publisher","DOI":"10.1017\/S0956796804005441"},{"key":"S0956796816000241_ref31","volume-title":"Proceedings of Computer Security Foundations Workshop","author":"Li","year":"2006"},{"key":"S0956796816000241_ref58","doi-asserted-by":"publisher","DOI":"10.1145\/1314299.1314302"},{"key":"S0956796816000241_ref5","volume-title":"Proceedings of European Symposium on Research in Computer Security","author":"Askarov","year":"2008"},{"key":"S0956796816000241_ref11","volume-title":"Proceedings of Computer Security Foundations Symposium","author":"Buiras","year":"2014"},{"key":"S0956796816000241_ref52","doi-asserted-by":"crossref","unstructured":"Stefan D. , Russo A. , Mitchell J. C. & Mazi\u00e8res D. (2012b) Flexible dynamic information flow control in the presence of exceptions. Preprint arxiv:1207.1457.","DOI":"10.1145\/2034675.2034688"},{"key":"S0956796816000241_ref27","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-6423(99)00023-4"},{"key":"S0956796816000241_ref30","doi-asserted-by":"publisher","DOI":"10.1145\/356850.356852"},{"key":"S0956796816000241_ref51","volume-title":"Proceedings of Symposium on Haskell","author":"Stefan","year":"2011"},{"key":"S0956796816000241_ref57","volume-title":"Proceedings of 9th ACM Sigplan International Conference on Functional Programming","author":"Tse","year":"2004"},{"key":"S0956796816000241_ref22","volume-title":"In Proceedings of Computer Security Foundations Symposium","author":"Hedin","year":"2012"},{"key":"S0956796816000241_ref41","doi-asserted-by":"publisher","DOI":"10.1145\/1379022.1375602"},{"key":"S0956796816000241_ref45","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806121"},{"key":"S0956796816000241_ref28","volume-title":"Proceedings of Symposium on Operating Systems Principles","author":"Krohn","year":"2007"},{"key":"S0956796816000241_ref46","volume-title":"Proceedings of Conference on Perspectives of System Informatics","author":"Sabelfeld","year":"2009"},{"key":"S0956796816000241_ref33","volume-title":"Proceedings of Symposium on Principles of Programming Languages","author":"Liang","year":"1995"},{"key":"S0956796816000241_ref1","volume-title":"Proceedings of Symposium on Principles of Programming Panguages","author":"Abadi","year":"1999"},{"key":"S0956796816000241_ref2","volume-title":"Proceedings of Symposium on Principles of Programming Languages","author":"Agat","year":"2000"},{"key":"S0956796816000241_ref15","unstructured":"Department of Defense. (1985) Trusted Computer System Evaluation Criteria (Orange Book). DoD 5200.28-STD edn. Department of Defense."},{"key":"S0956796816000241_ref18","unstructured":"Friedman D. P. & Wise D. S. (1976) The impact of applicative programming on multiprocessing. In Proceedings of International Conference on Parallel Processing. Indiana University, Computer Science Department."},{"key":"S0956796816000241_ref13","doi-asserted-by":"publisher","DOI":"10.1145\/360051.360056"},{"key":"S0956796816000241_ref3","volume-title":"Proceedings of Programming Languages and Analysis for Security","author":"Askarov","year":"2009"},{"key":"S0956796816000241_ref24","volume-title":"Proceedings of Symposium on Principles of Programming Languages","author":"Heintze","year":"1998"},{"key":"S0956796816000241_ref36","volume-title":"Proceedings of Symposium on Operating Systems Principles","author":"Myers","year":"1997"},{"key":"S0956796816000241_ref48","unstructured":"Simonet V. (2003) The Flow Caml system. Software release. Accessed December 8, 2016. Available at: http:\/\/cristal.inria.fr\/simonet\/soft\/flowcaml\/."},{"key":"S0956796816000241_ref50","volume-title":"Proceedings of Nordic conference on secure IT systems","author":"Stefan","year":"2011"},{"key":"S0956796816000241_ref40","volume-title":"Proceedings of Symposium on Principles of Programming Languages","author":"Pottier","year":"2002"},{"key":"S0956796816000241_ref60","doi-asserted-by":"crossref","DOI":"10.7551\/mitpress\/3054.001.0001","volume-title":"The Formal Semantics of Programming Languages: An Introduction","author":"Winskel","year":"1993"},{"key":"S0956796816000241_ref25","volume-title":"Proceedings of Conference on Principles of Security and Trust","author":"Heule","year":"2015"},{"key":"S0956796816000241_ref38","unstructured":"Myers A. C. , Zheng L. , Zdancewic S. , Chong, S. & Nystrom N. (2001) Jif: Java Information Flow. Software release. Accessed December 8, 2016. Available at: http:\/\/www.cs.cornell.edu\/jif"},{"key":"S0956796816000241_ref8","volume-title":"Proceedings of Workshop on Programming Languages and Analysis for Security","author":"Austin","year":"2010"},{"key":"S0956796816000241_ref10","volume-title":"Integrity Considerations for Secure Computer Systems","author":"Biba","year":"1977"},{"key":"S0956796816000241_ref39","volume-title":"Engineering theories of software construction","author":"Peyton Jones","year":"2001"},{"key":"S0956796816000241_ref19","volume-title":"Proceedings of Symposium on Operating Systems Design and Implementation","author":"Giffin","year":"2012"},{"key":"S0956796816000241_ref43","doi-asserted-by":"crossref","unstructured":"Russo A. , Claessen K. & Hughes J. (2008) A library for light-weight information-flow security in Haskell. In Proceedings of Symposium on Haskell. ACM SIGPLAN.","DOI":"10.1145\/1411286.1411289"},{"key":"S0956796816000241_ref20","volume-title":"Proceedings of Symposium on Security and Privacy","author":"Goguen","year":"1982"},{"key":"S0956796816000241_ref34","unstructured":"Miller M. S. (2006) Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control. PhD Thesis, Johns Hopkins University."},{"key":"S0956796816000241_ref47","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1975.9939"},{"key":"S0956796816000241_ref59","first-page":"203","volume-title":"Proceedings of Security and Trust Management - 11th International Workshop, STM 2015","author":"Waye","year":"2015"},{"key":"S0956796816000241_ref17","volume-title":"Proceedings of Symposium on Operating Systems Principles","author":"Efstathopoulos","year":"2005"},{"key":"S0956796816000241_ref54","doi-asserted-by":"publisher","DOI":"10.1017\/S0956796806006137"},{"key":"S0956796816000241_ref61","volume-title":"Proceedings of Computer Security Foundations Workshop","author":"Zdancewic","year":"2003"},{"key":"S0956796816000241_ref64","unstructured":"Zeldovich N. , Boyd-Wickizer S. , Kohler E. & Mazi\u00e8res D. (2006) Making information flow explicit in HiStar. In Proceedings of Symposium on operating systems design and implementation."},{"key":"S0956796816000241_ref32","doi-asserted-by":"publisher","DOI":"10.1016\/j.tcs.2010.01.025"},{"key":"S0956796816000241_ref7","volume-title":"Proceedings of Workshop on Programming Languages and Analysis for Security","author":"Austin","year":"2009"},{"key":"S0956796816000241_ref26","volume-title":"Proceedings of Symposium on Security and Privacy","author":"Hri\u0163cu","year":"2013"},{"key":"S0956796816000241_ref62","unstructured":"Zdancewic S. A. (2002) Programming Languages for Information Security. Ph.D. thesis, Cornell University."},{"key":"S0956796816000241_ref35","volume-title":"Proceedings of International Conference on Functional Programming","author":"Morgenstern","year":"2010"},{"key":"S0956796816000241_ref53","volume-title":"Proceedings of Symposium on Security and Privacy","author":"Stoughton","year":"1981"},{"key":"S0956796816000241_ref9","doi-asserted-by":"crossref","DOI":"10.21236\/ADA023588","volume-title":"Secure Computer System: Unified Exposition and Multics Interpretation","author":"Bell","year":"1976"},{"key":"S0956796816000241_ref42","volume-title":"Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation. PLDI '09","author":"Roy","year":"2009"},{"key":"S0956796816000241_ref56","volume-title":"Proceedings of Computer Security Foundations Symposium","author":"Tsai","year":"2007"},{"key":"S0956796816000241_ref29","doi-asserted-by":"publisher","DOI":"10.1145\/362375.362389"}],"container-title":["Journal of Functional Programming"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.cambridge.org\/core\/services\/aop-cambridge-core\/content\/view\/S0956796816000241","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T20:19:53Z","timestamp":1776889193000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.cambridge.org\/core\/product\/identifier\/S0956796816000241\/type\/journal_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"references-count":64,"alternative-id":["S0956796816000241"],"URL":"https:\/\/doi.org\/10.1017\/s0956796816000241","relation":{},"ISSN":["0956-7968","1469-7653"],"issn-type":[{"value":"0956-7968","type":"print"},{"value":"1469-7653","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"article-number":"e5"}}