Probability and Timing: Challenges for Secure Programming

Invited Talk
  • David Sands
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2399)


When can a program be trusted with your secret data? The setting which motivates this work is that of confidentiality and privacy in mobile code. Assume that some user wants to run a program that originates from an untrusted source. For example, the program can have been downloaded from an untrusted site on the Internet. When the program is run, it has to be given access to some data that the user regards as confidential in order to compute the desired results. While running, the program also needs to have access to the Internet in order to fetch various kinds of information from databases etc. This setting has been the motivation behind a recent resurgence of interest in the analysis and certification of confidentiality properties of programs.


IEEE Computer Society Secure Information Secret Data Leak Information Secure Program 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    J. Agat and D. Sands. On confidentiality and algorithms. In Francis M. Titsworth, editor, Proceedings of the 2001 IEEE Symposium on Security and Privacy (S&P-01), pages 64–77. IEEE Computer Society, May 2001.Google Scholar
  2. 2.
    A. Sabelfeld and D. Sands. Probabilistic noninterference for multi-threaded programs. In Proceedings of the 13th IEEE Computer Security Foundations Workshop, pages 200–214, Cambridge, England, July 2000. IEEE Computer Society Press.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • David Sands
    • 1
    • 2
  1. 1.Chalmers University of TechnologySweden
  2. 2.Göteborg UniversitySweden

Personalised recommendations