{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,30]],"date-time":"2026-03-30T02:31:16Z","timestamp":1774837876032,"version":"3.50.1"},"reference-count":65,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2017,5,10]],"date-time":"2017-05-10T00:00:00Z","timestamp":1494374400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["CNS-0905650"],"award-info":[{"award-number":["CNS-0905650"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Program. Lang. Syst."],"published-print":{"date-parts":[[2017,9,30]]},"abstract":"<jats:p>\n            JavaScript is the source of many security problems, including cross-site scripting attacks and malicious advertising code. Central to these problems is the fact that code from untrusted sources runs with full privileges.\n            <jats:italic>Information flow controls<\/jats:italic>\n            help prevent violations of data confidentiality and integrity.\n          <\/jats:p>\n          <jats:p>\n            This article explores\n            <jats:italic>faceted values<\/jats:italic>\n            , a mechanism for providing information flow security in a dynamic manner that avoids the stuck executions of some prior approaches, such as the no-sensitive-upgrade technique. Faceted values simultaneously simulate multiple executions for different security levels to guarantee termination-insensitive noninterference. We also explore the interaction of faceted values with exceptions, declassification, and clearance.\n          <\/jats:p>","DOI":"10.1145\/3024086","type":"journal-article","created":{"date-parts":[[2017,5,10]],"date-time":"2017-05-10T18:08:53Z","timestamp":1494439733000},"page":"1-56","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["Multiple Facets for Dynamic Information Flow with Exceptions"],"prefix":"10.1145","volume":"39","author":[{"given":"Thomas H.","family":"Austin","sequence":"first","affiliation":[{"name":"San Jos\u00e9 State University, San Jose, CA"}]},{"given":"Tommy","family":"Schmitz","sequence":"additional","affiliation":[{"name":"University of California, Santa Cruz, CA"}]},{"given":"Cormac","family":"Flanagan","sequence":"additional","affiliation":[{"name":"University of California, Santa Cruz, CA"}]}],"member":"320","published-online":{"date-parts":[[2017,5,10]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-88313-5_22"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-11957-6_5"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1554339.1554346"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2009.22"},{"key":"e_1_2_1_5_1","volume-title":"Austin","author":"Thomas","year":"2011","unstructured":"Thomas H. Austin. 2011. ZaphodFacetes github page. Retreived from https:\/\/github.com\/taustin\/ZaphodFacets."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1554339.1554353"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1814217.1814220"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2103656.2103677"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2465106.2465121"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/794201.795164"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2637113.2637116"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2166956.2166961"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653673"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.50"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030110"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542483"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382275"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/360051.360056"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.15"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.43"},{"key":"e_1_2_1_21_1","unstructured":"Brendan Eich. 2004. Narcissus--JS implemented in JS. (2004). Retrieved from https:\/\/github.com\/mozilla\/narcissus\/."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1093\/comjnl\/17.2.143"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.5555\/2103656"},{"key":"e_1_2_1_24_1","volume-title":"dom.js github page. Retrieved","author":"Gal Andreas","year":"2011","unstructured":"Andreas Gal, David Flanagan, and Donovon Preston. 2011. dom.js github page. Retrieved October 2011 from https:\/\/github.com\/andreasgal\/dom.js."},{"key":"e_1_2_1_25_1","volume-title":"Proceedings of the International Workshop on Foundations of Object-Oriented Languages (FOOL\u201911)","author":"Gampe Andreas","year":"2011","unstructured":"Andreas Gampe and Jeffery von Ronne. 2011. Information flow control with errors. In Proceedings of the International Workshop on Foundations of Object-Oriented Languages (FOOL\u201911)."},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/1782734.1782741"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-009-0086-1"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2015.31"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2012.19"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/268946.268976"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.10"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1111037.1111045"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866339"},{"key":"e_1_2_1_34_1","volume-title":"Jif homepage. Retrieved","author":"Jif","year":"2010","unstructured":"Jif 2010. Jif homepage. Retrieved October 2010 from http:\/\/www.cs.cornell.edu\/jif\/."},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2093328.2093331"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.19"},{"key":"e_1_2_1_37_1","doi-asserted-by":"crossref","unstructured":"Christoph Kerschbaumer Eric Hennigan Per Larsen Stefan Brunthaler and Michael Franz. 2013b. Information Flow Tracking meets Just-In-Time Compilation. (2013). (submitted)","DOI":"10.1145\/2555289.2555295"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-38908-5_14"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89862-7_4"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360252"},{"key":"e_1_2_1_41_1","volume-title":"Rozzle: De-Cloaking Internet Malware. Technical Report MSR-TR-2011-94. Microsoft Research Technical Report.","author":"Kolbitsch Clemens","year":"2011","unstructured":"Clemens Kolbitsch, Benjamin Livshits, Benjamin Zorn, and Christian Seifert. 2011. Rozzle: De-Cloaking Internet Malware. Technical Report MSR-TR-2011-94. Microsoft Research Technical Report."},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382289"},{"key":"e_1_2_1_43_1","volume-title":"Mozilla Labs: Zaphod add-on for the Firefox browser. Retrieved","author":"Mozilla Labs","year":"2010","unstructured":"Mozilla Labs Zaphod 2010. Mozilla Labs: Zaphod add-on for the Firefox browser. Retrieved October 2010 from http:\/\/mozillalabs.com\/zaphod."},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/292540.292561"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.5555\/1009380.1009673"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/596980.596983"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/2166956.2166960"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2013.10"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2015.32"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251254.1251275"},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2009.16"},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2010.20"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.5555\/1813084.1813092"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806121"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2007.20"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2034675.2034688"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2014.28"},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.20"},{"key":"e_1_2_1_59_1","unstructured":"Philipp Vogt Florian Nentwich Nenad Jovanovic Engin Kirda Christopher Kr\u00fcgel and Giovanni Vigna. 2007. Cross-site scripting prevention with dynamic data tainting and static analysis."},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.5555\/353629.353648"},{"key":"e_1_2_1_61_1","volume-title":"SunSpider JavaScript Benchmark. Retrieved","year":"2011","unstructured":"Webkit.org. 2011. SunSpider JavaScript Benchmark. Retrieved October 2011 from http:\/\/www.webkit.org\/perf\/sunspider\/sunspider.html."},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","unstructured":"Jean Yang Kuat Yessenov and Armando Solar-Lezama. 2012. A language for automatically enforcing privacy policies See Field and Hicks {2012} 85--96. 10.1145\/2103656.2103669","DOI":"10.1145\/2103656.2103669"},{"key":"e_1_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629604"},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2013.9"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1571-0661(03)50014-7"}],"container-title":["ACM Transactions on Programming Languages and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3024086","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3024086","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3024086","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T19:05:03Z","timestamp":1750273503000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3024086"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,5,10]]},"references-count":65,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2017,9,30]]}},"alternative-id":["10.1145\/3024086"],"URL":"https:\/\/doi.org\/10.1145\/3024086","relation":{},"ISSN":["0164-0925","1558-4593"],"issn-type":[{"value":"0164-0925","type":"print"},{"value":"1558-4593","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,5,10]]},"assertion":[{"value":"2015-10-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2016-12-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2017-05-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}