{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T02:27:13Z","timestamp":1773023233990,"version":"3.50.1"},"reference-count":48,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011,11]]},"DOI":"10.1109\/milcom.2011.6127475","type":"proceedings-article","created":{"date-parts":[[2012,3,1]],"date-time":"2012-03-01T16:34:31Z","timestamp":1330619671000},"page":"1261-1266","source":"Crossref","is-referenced-by-count":3,"title":["On the (f)utility of untrusted data sanitization"],"prefix":"10.1109","author":[{"given":"Ashish","family":"Gehani","sequence":"first","affiliation":[]},{"given":"David","family":"Hanz","sequence":"additional","affiliation":[]},{"given":"John","family":"Rushby","sequence":"additional","affiliation":[]},{"given":"Grit","family":"Denker","sequence":"additional","affiliation":[]},{"given":"Rance","family":"DeLong","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"19","author":"gosling","year":"1996","journal-title":"Java Language Specification"},{"key":"35","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.2005.15"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1109\/SP.1982.10014"},{"key":"36","article-title":"Multilevel security","author":"smith","year":"2006","journal-title":"Handbook of Information Security"},{"key":"18","article-title":"A secure environment for untrusted helper applications","author":"goldberg","year":"0","journal-title":"6th USENIX Security Symposium 1996"},{"key":"33","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806121"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1145\/1749603.1749605"},{"key":"34","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-540-37621-7_9","article-title":"A model for delimited information release","volume":"3233","author":"sabelfeld","year":"2004","journal-title":"Lecture Notes in Computer Science"},{"key":"16","year":"0","journal-title":"GIG IA Architecture"},{"key":"39","doi-asserted-by":"publisher","DOI":"10.1142\/S0218488502001648"},{"key":"13","author":"fletcher","year":"2008","journal-title":"XML Data Flow Configuration File Format Specification"},{"key":"14","article-title":"Achieving a trusted database management system using parallelism","author":"froscher","year":"1989","journal-title":"Database Security II Status and Prospects"},{"key":"37","doi-asserted-by":"publisher","DOI":"10.1109\/EH.2002.1029855"},{"key":"11","author":"dodds","year":"2010","journal-title":"A Development Environment and Static Analyses for GUARDOL - A Language for the Specification of High Assurance Guards"},{"key":"38","author":"stevens","year":"1995","journal-title":"Data Diodes"},{"key":"12","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-540-79228-4_1","article-title":"Differential privacy: A survey of results, Theory and Applications of Models of Computation","volume":"4978","author":"dwork","year":"2008","journal-title":"Lecture Notes in Computer Science"},{"key":"21","article-title":"Dynamic updating of information-flow policies","author":"hicks","year":"0","journal-title":"International Workshop on Foundations of Computer Security 2005"},{"key":"20","author":"hicks","year":"2005","journal-title":"Declassification with Cryptographic Functions in A Security-typed Language"},{"key":"43","year":"2009","journal-title":"U S Fleet Forces Command Briefing Training - Cross Domain Information Sharing (T-CDIS) Summit"},{"key":"42","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-540-31987-0_20","article-title":"A design for a security-typed language with certificate-based declassification","volume":"3444","author":"tse","year":"2005","journal-title":"Lecture Notes in Computer Science"},{"key":"41","year":"0","journal-title":"Tactical Cross Domain Solution"},{"key":"40","year":"0","journal-title":"Trusted Services Engine"},{"key":"48","doi-asserted-by":"publisher","DOI":"10.1145\/1081870.1081909"},{"key":"45","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.2000.856941"},{"key":"44","doi-asserted-by":"crossref","DOI":"10.3233\/JCS-1996-42-304","article-title":"A sound type system for secure flow analysis","volume":"4","author":"volpano","year":"1996","journal-title":"Journal of Computer Security"},{"key":"47","doi-asserted-by":"publisher","DOI":"10.1145\/505231.505234"},{"key":"46","doi-asserted-by":"publisher","DOI":"10.1145\/363516.363520"},{"key":"22","year":"0","journal-title":"High Speed Guard"},{"key":"23","article-title":"The pump: A decade of covert fun","author":"kang","year":"0","journal-title":"21st Annual Computer Security Applications Conference 2005"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1023\/A:1013999415003"},{"key":"25","article-title":"A privacy-preserving inter-domain audit framework","author":"lee","year":"0","journal-title":"5th ACM Workshop on Privacy in Electronic Society 2006"},{"key":"26","article-title":"Design of a role-based trust-management framework","author":"li","year":"0","journal-title":"2002 IEEE Symposium on Security and Privacy"},{"key":"27","year":"2011","journal-title":"LynxSecure Separation Kernel-Hypervisor Version 4 0 User Guide"},{"key":"28","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2006.1"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.14778\/1687627.1687717"},{"key":"3","article-title":"The MILS architecture for high assurance embedded systems","volume":"2","author":"alves-foss","year":"2006","journal-title":"International Journal of Embedded Systems"},{"key":"2","author":"aho","year":"1986","journal-title":"Compilers Principles Tools and Techniques"},{"key":"10","doi-asserted-by":"publisher","DOI":"10.1145\/359636.359712"},{"key":"1","doi-asserted-by":"publisher","DOI":"10.1145\/76894.76895"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1145\/363516.363526"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1561\/1900000008"},{"key":"6","author":"cebrowski","year":"1998","journal-title":"Net-centric Warfare Its Origin and Future"},{"key":"32","doi-asserted-by":"publisher","DOI":"10.1145\/800216.806586"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1109\/DASC.2008.4702758"},{"key":"31","article-title":"Security guards for the future Web","author":"reed","year":"2004","journal-title":"MITRE Technical Report MTR 04W0000092"},{"key":"4","author":"beynon-davies","year":"2000","journal-title":"Database Systems"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/POLICY.2010.33"},{"key":"8","article-title":"Security policies for downgrading","author":"chong","year":"0","journal-title":"11th ACM Conference on Computer and Communications Security 2004"}],"event":{"name":"MILCOM 2011 - 2011 IEEE Military Communications Conference","location":"Baltimore, MD, USA","start":{"date-parts":[[2011,11,7]]},"end":{"date-parts":[[2011,11,10]]}},"container-title":["2011 - MILCOM 2011 Military Communications Conference"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/6111660\/6127424\/06127475.pdf?arnumber=6127475","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,24]],"date-time":"2019-06-24T19:43:02Z","timestamp":1561405382000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6127475\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,11]]},"references-count":48,"URL":"https:\/\/doi.org\/10.1109\/milcom.2011.6127475","relation":{},"subject":[],"published":{"date-parts":[[2011,11]]}}}