{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,23]],"date-time":"2025-09-23T13:54:18Z","timestamp":1758635658788,"version":"3.41.0"},"publisher-location":"New York, New York, USA","reference-count":38,"publisher":"ACM Press","license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"the National Science Foundation under the grant CCF-1421016"},{"name":"the National Science Foundation under the grant CCF-1337278"},{"name":"Swedish research agencies Vetenskapsradet"},{"name":"the ANR project AJACS ANR-14-CE28-0008"},{"name":"the ANR project CISC ANR-17-CE25-0014-01"},{"name":"SSF Cyber Security projects WebSec: Securing Web-driven Systems and Octopi: Secure Programming for the Internet of Things"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1145\/3184558.3185979","type":"proceedings-article","created":{"date-parts":[[2018,4,18]],"date-time":"2018-04-18T18:04:25Z","timestamp":1524074665000},"page":"731-739","source":"Crossref","is-referenced-by-count":10,"title":["A Better Facet of Dynamic Information Flow Control"],"prefix":"10.1145","author":[{"given":"Minh","family":"Ngo","sequence":"first","affiliation":[{"name":"INRIA, Sophia Antipolis Cedex, France"}]},{"given":"Nataliia","family":"Bielova","sequence":"additional","affiliation":[{"name":"INRIA, Sophia Antipolis Cedex, France"}]},{"given":"Cormac","family":"Flanagan","sequence":"additional","affiliation":[{"name":"University of California, Santa Cruz, Santa Cruz, CA, USA"}]},{"given":"Tamara","family":"Rezk","sequence":"additional","affiliation":[{"name":"INRIA, Sophia Antipolis Cedex, France"}]},{"given":"Alejandro","family":"Russo","sequence":"additional","affiliation":[{"name":"Chalmers University of Technology, Gothenburg, Sweden"}]},{"given":"Thomas","family":"Schmitz","sequence":"additional","affiliation":[{"name":"University of California, Santa Cruz, Santa Cruz, CA, USA"}]}],"member":"320","reference":[{"key":"key-10.1145\/3184558.3185979-1","doi-asserted-by":"crossref","unstructured":"Thomas H. Austin and Cormac Flanagan. 2009. Efficient Purely-dynamic Information Flow Analysis Proc. of PLAS 2009 (PLAS '09). 113--124.","DOI":"10.1145\/1554339.1554353"},{"key":"key-10.1145\/3184558.3185979-2","doi-asserted-by":"crossref","unstructured":"Thomas H. Austin and Cormac Flanagan. 2010. Permissive Dynamic Information Flow Analysis. In Proc. of PLAS 2010 (PLAS '10). 1--12.","DOI":"10.1145\/1814217.1814220"},{"key":"key-10.1145\/3184558.3185979-3","doi-asserted-by":"crossref","unstructured":"Thomas H. Austin and Cormac Flanagan. 2012. Multiple Facets for Dynamic Information Flow. In Proc. of POPL 2012 (POPL '12). 165--178.","DOI":"10.1145\/2103656.2103677"},{"key":"key-10.1145\/3184558.3185979-4","doi-asserted-by":"crossref","unstructured":"Gilles Barthe, Juan Manuel Crespo, Dominique Devriese, Frank Piessens, and Exequiel Rivas. 2012. Secure multi-execution through static program transformation. In Formal Techniques for Distributed Systems. Springer, 186--202.","DOI":"10.1007\/978-3-642-30793-5_12"},{"key":"key-10.1145\/3184558.3185979-5","doi-asserted-by":"crossref","unstructured":"Abhishek Bichhawat, Vineet Rajani, Deepak Garg, and Christian Hammer. 2014. Generalizing Permissive-Upgrade in Dynamic Information Flow Analysis Proc. of PLAS 2014 (PLAS'14). 15--24.","DOI":"10.1145\/2637113.2637116"},{"key":"key-10.1145\/3184558.3185979-6","doi-asserted-by":"crossref","unstructured":"N. Bielova, D. Devriese, F. Massacci, and F. Piessens. 2011. Reactive non-interference for a Browser model. In Proc. of NSS 2011. 97--104.","DOI":"10.1109\/ICNSS.2011.6059965"},{"key":"key-10.1145\/3184558.3185979-7","doi-asserted-by":"crossref","unstructured":"Nataliia Bielova and Tamara Rezk. 2016 a. Spot the Difference: Secure Multi-execution and Multiple Facets Proc. of ESORICS 2016. 501--519.","DOI":"10.1007\/978-3-319-45744-4_25"},{"key":"key-10.1145\/3184558.3185979-8","doi-asserted-by":"crossref","unstructured":"Nataliia Bielova and Tamara Rezk. 2016 b. Spot the Difference: Secure Multi-Execution and Multiple Facets. Technical Report. https:\/\/goo.gl\/b7yoQ9.","DOI":"10.1007\/978-3-319-45744-4_25"},{"key":"key-10.1145\/3184558.3185979-9","doi-asserted-by":"crossref","unstructured":"Nataliia Bielova and Tamara Rezk. 2016 c. A Taxonomy of Information Flow Monitors. In Proc. of POST 2016. 46--67.","DOI":"10.1007\/978-3-662-49635-0_3"},{"key":"key-10.1145\/3184558.3185979-10","doi-asserted-by":"crossref","unstructured":"Iulia Bolocsteanu and Deepak Garg. 2016. Asymmetric Secure Multi-execution with Declassification Proc. of POST 2016. 24--45.","DOI":"10.1007\/978-3-662-49635-0_2"},{"key":"key-10.1145\/3184558.3185979-11","doi-asserted-by":"crossref","unstructured":"Niklas Broberg, Bart van Delft, and David Sands. 2013. Paragon for Practical Programming with Information-Flow Control. Proc. of APLAS 2013 (LNCS), Vol. Vol. 8301. Springer, 217--232.","DOI":"10.1007\/978-3-319-03542-0_16"},{"key":"key-10.1145\/3184558.3185979-12","doi-asserted-by":"crossref","unstructured":"Stefano Calzavara, Alvise Rabitti, and Michele Bugliesi. 2016. Content Security Problems: Evaluating the Effectiveness of Content Security Policy in the Wild. In Proc. of CCS 2016 (CCS '16). 1365--1375.","DOI":"10.1145\/2976749.2978338"},{"key":"key-10.1145\/3184558.3185979-13","doi-asserted-by":"crossref","unstructured":"Willem De Groef, Dominique Devriese, Nick Nikiforakis, and Frank Piessens. 2012. FlowFox: a web browser with flexible and precise information flow control Proc. of CCS 2012. ACM, 748--759.","DOI":"10.1145\/2382196.2382275"},{"key":"key-10.1145\/3184558.3185979-14","doi-asserted-by":"crossref","unstructured":"Dominique Devriese and Frank Piessens. 2010. Noninterference Through Secure Multi-execution. In Proc. of IEEE SP 2010 (SP '10). 109--124.","DOI":"10.1109\/SP.2010.15"},{"key":"key-10.1145\/3184558.3185979-15","doi-asserted-by":"crossref","unstructured":"Petros Efstathopoulos, Maxwell Krohn, Steve VanDeBogart, Cliff Frey, David Ziegler, Eddie Kohler, David Mazières, Frans Kaashoek, and Robert Morris. 2005. Labels and event processes in the Asbestos operating system Proc. of SOSP 2005 (SOSP). ACM.","DOI":"10.1145\/1095810.1095813"},{"key":"key-10.1145\/3184558.3185979-16","doi-asserted-by":"crossref","unstructured":"D. Hedin, A. Birgisson, L. Bello, and A. Sabelfeld. 2014. JSFlow: Tracking information flow in JavaScript and its APIs Proc. of SAC 2014. ACM.","DOI":"10.1145\/2554850.2554909"},{"key":"key-10.1145\/3184558.3185979-17","unstructured":"Collin Jackson and Adam Barth. 2008. Beware of Finer-Grained Origins. In Web 2.0 Security and Privacy (W2SP'08)."},{"key":"key-10.1145\/3184558.3185979-18","unstructured":"Mauro Jaskelioff and Alejandro Russo. 2011. Secure multi-execution in haskell. In International Andrei Ershov Memorial Conference on Perspectives of System Informatics. Springer, 170--178."},{"key":"key-10.1145\/3184558.3185979-19","doi-asserted-by":"crossref","unstructured":"Vineeth Kashyap, Ben Wiedermann, and Ben Hardekopf. 2011. Timing- and Termination-Sensitive Secure Information Flow: Exploring a New Approach. In Proc. of IEEE SP 2011 (SP '11). 413--428.","DOI":"10.1109\/SP.2011.19"},{"key":"key-10.1145\/3184558.3185979-20","doi-asserted-by":"crossref","unstructured":"Maxwell Krohn, Alexander Yip, Micah Brodsky, Natan Cliffer, M. Frans Kaashoek, Eddie Kohler, and Robert Morris. 2007. Information Flow Control for Standard OS Abstractions Proc. of SOSP 2007 (SOSP).","DOI":"10.1145\/1294261.1294293"},{"key":"key-10.1145\/3184558.3185979-21","doi-asserted-by":"crossref","unstructured":"Andrew C Myers. 1999. JFlow: Practical mostly-static information flow control Proc. of POPL 1999. ACM, 228--241.","DOI":"10.1145\/292540.292561"},{"key":"key-10.1145\/3184558.3185979-22","doi-asserted-by":"crossref","unstructured":"Andrew C Myers and Barbara Liskov. 2000. Protecting privacy using the decentralized label model. ACM Transactions on Software Engineering and Methodology (TOSEM) Vol. 9, 4 (2000), 410--442.","DOI":"10.1145\/363516.363526"},{"key":"key-10.1145\/3184558.3185979-23","unstructured":"Minh Ngo, Nataliia Bielova, Cormac Flanagan, Tamara Rezk, Alejandro Russo, and Thomas Schmitz. 2017. A Better Facet of Dynamic Information Flow Control. (2017). https:\/\/goo.gl\/Y2SEnw"},{"key":"key-10.1145\/3184558.3185979-24","doi-asserted-by":"crossref","unstructured":"Minh Ngo, Fabio Massacci, Dimiter Milushev, and Frank Piessens. 2015. Runtime Enforcement of Security Policies on Black Box Reactive Programs Proc. of POPL 2015.","DOI":"10.1145\/2676726.2676978"},{"key":"key-10.1145\/3184558.3185979-25","doi-asserted-by":"crossref","unstructured":"F. Pottier and V. Simonet. 2002. Information Flow Inference for ML. In ACM Symp. on Principles of Programming Languages. 319--330.","DOI":"10.1145\/503272.503302"},{"key":"key-10.1145\/3184558.3185979-26","doi-asserted-by":"crossref","unstructured":"Willard Rafnsson and Andrei Sabelfeld. 2013. Secure Multi-execution: Fine-Grained, Declassification-Aware, and Transparent Proc. of CSF 2013. 33--48.","DOI":"10.1109\/CSF.2013.10"},{"key":"key-10.1145\/3184558.3185979-27","unstructured":"Indrajit Roy, Donald E. Porter, Michael D. Bond, Kathryn S. McKinley, and Emmett Witchel. 2009. Laminar: Practical Fine-grained Decentralized Information Flow Control Proc. of PLDI 2009 (PLDI). ACM."},{"key":"key-10.1145\/3184558.3185979-28","doi-asserted-by":"crossref","unstructured":"Alejandro Russo. 2015. Functional Pearl: Two Can Keep a Secret, if One of Them Uses Haskell Proc. of ICFP 2015 (ICFP). ACM.","DOI":"10.1145\/2784731.2784756"},{"key":"key-10.1145\/3184558.3185979-29","doi-asserted-by":"crossref","unstructured":"José Fragoso Santos, Thomas Jensen, Tamara Rezk, and Alan Schmitt. 2015. Hybrid Typing of Secure Information Flow in a JavaScript-Like Language Proc. of TGC 2015. 63--78.","DOI":"10.1007\/978-3-319-28766-9_5"},{"key":"key-10.1145\/3184558.3185979-30","doi-asserted-by":"crossref","unstructured":"Dolière Francis Some, Nataliia Bielova, and Tamara Rezk. 2017. On the Content Security Policy Violations Due to the Same-Origin Policy Proc. of WWW 2017 (WWW '17). 877--886.","DOI":"10.1145\/3038912.3052634"},{"key":"key-10.1145\/3184558.3185979-31","unstructured":"Deian Stefan, Alejandro Russo, Pablo Buiras, Amit Levy, John C Mitchell, and David Mazieres. 2012. Addressing covert termination and timing channels in concurrent information flow systems Proc. of ICFP 2012, Vol. Vol. 47. ACM, 201--214."},{"key":"key-10.1145\/3184558.3185979-32","unstructured":"D. Stefan, A. Russo, D. Mazières, and J. C. Mitchell. 2011. Disjunction Category Labels. In Proc. of NordSec 2011. Springer-Verlag."},{"key":"key-10.1145\/3184558.3185979-33","doi-asserted-by":"crossref","unstructured":"Mathy Vanhoef, Willem De Groef, Dominique Devriese, Frank Piessens, and Tamara Rezk. 2014. Stateful Declassification Policies for Event-Driven Programs Proc. of CSF 2014 (CSF '14). 293--307.","DOI":"10.1109\/CSF.2014.28"},{"key":"key-10.1145\/3184558.3185979-34","doi-asserted-by":"crossref","unstructured":"Lucas Waye, Pablo Buiras, Dan King, Stephen Chong, and Alejandro Russo. 2015. It's My Privilege: Controlling Downgrading in DC-Labels International Workshop on Security and Trust Management.","DOI":"10.1007\/978-3-319-24858-5_13"},{"key":"key-10.1145\/3184558.3185979-35","unstructured":"Wikipedia. 2017 a. Ad exchange. (2017). https:\/\/en.wikipedia.org\/wiki\/Ad_exchange. Checked on Nov 08, 2017."},{"key":"key-10.1145\/3184558.3185979-36","unstructured":"Wikipedia. 2017 b. Real-time bidding. (2017). https:\/\/en.wikipedia.org\/wiki\/Real-time_bidding. Checked on Nov 08, 2017."},{"key":"key-10.1145\/3184558.3185979-37","unstructured":"Dante Zanarini, Mauro Jaskelioff, and Alejandro Russo. 2013. Precise enforcement of confidentiality for reactive systems Proc. of CSF 2013. IEEE, 18--32."},{"key":"key-10.1145\/3184558.3185979-38","unstructured":"Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, and David Mazières. 2006. Making information flow explicit in HiStar. In USENIX Symp. on Operating Systems Design and Implementation. USENIX."}],"event":{"number":"2018","sponsor":["IW3C2, International World Wide Web Conference Committee","SIGWEB, ACM Special Interest Group on Hypertext, Hypermedia, and Web"],"acronym":"WWW '18","name":"Companion of the The Web Conference 2018","start":{"date-parts":[[2018,4,23]]},"location":"Lyon, France","end":{"date-parts":[[2018,4,27]]}},"container-title":["Companion of the The Web Conference 2018 on The Web Conference 2018 - WWW '18"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3184558.3185979","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/dl.acm.org\/ft_gateway.cfm?id=3185979&ftid=1958343&dwn=1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,3]],"date-time":"2025-07-03T19:26:40Z","timestamp":1751570800000},"score":1,"resource":{"primary":{"URL":"http:\/\/dl.acm.org\/citation.cfm?doid=3184558.3185979"}},"subtitle":[],"proceedings-subject":"The Web Conference 2018","short-title":[],"issued":{"date-parts":[[2018]]},"references-count":38,"URL":"https:\/\/doi.org\/10.1145\/3184558.3185979","relation":{},"subject":[],"published":{"date-parts":[[2018]]}}}