| [ES17] | Hamid Ebadi and David Sands. Featherweight PINQ. Journal of Privacy and Security, 2017. (to appear). [ bib | .pdf | Abstract ] |
| [EAS16] | Hamid Ebadi, Thibaud Antignac, and David Sands. Sampling and partitioning for differential privacy. In 14th Annual Conference on Privacy, Security and Trust. IEEE, 2016. [ bib | .pdf | Abstract ] |
| [TSR16a] | Filippo Del Tedesco, David Sands, and Alejandro Russo. Fault resilient non-ininterference. In Proceedings of the 29th IEEE Computer Security Foundations Symposium. IEEE Computer Society, 2016. [ bib | .pdf | Abstract ] |
| [TSR16b] | Filippo Del Tedesco, David Sands, and Alejandro Russo. Fault resilient non-ininterference (extended version), 2016. Extended version of CSF'16 paper including full proofs. [ bib | .pdf ] |
| [BvDS15] | Niklas Broberg, Bart van Delft, and David Sands. The anatomy and facets of dynamic policies. In Proceedings of the 28th IEEE Computer Security Foundations Symposium, pages 122-136. IEEE Computer Society, 2015. [ bib | .pdf | Abstract ] |
| [vDHS15] | Bart van Delft, Sebastian Hunt, and David Sands. Very static enforcement of dynamic policies. In International Conference on Principles of Security and Trust (POST), volume 9036 of LNCS, pages 32-52. Springer Berlin Heidelberg, 2015. [ bib | .pdf | Abstract ] |
| [ESS15] | Hamid Ebadi, David Sands, and Gerardo Schneider. Differential privacy: Now it's getting personal. In Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2015, pages 69-81. ACM, 2015. [ bib | http | .pdf | Abstract ] |
| [vDBS14] | Bart van Delft, Niklas Broberg, and David Sands. Programming in paragon. Software Systems Safety, 36:279, 2014. [ bib | http | .pdf | Abstract ] |
| [DTRS14] | Filippo Del Tedesco, Alejandro Russo, and David Sands. Fault-tolerant non-interference. In Engineering Secure Software and Systems (ESSoS'14), volume 8364 of LNCS, pages 60-76. Springer International Publishing, 2014. [ bib | .pdf | Abstract ] |
| [BvDS13] | Niklas Broberg, Bart van Delft, and David Sands. Paragon for practical programming with information-flow control. Programming Languages and Systems: 11th Asian Symposium, APLAS 2013, Melbourne, VIC, Australia, December 9-11, 2013. Proceedings, 8364:217-232, 2013. [ bib | .pdf | Abstract ] |
| [vDBS13] | Bart van Delft, Niklas Broberg, and David Sands. A datalog semantics for paralocks. In Security and Trust Management, 8th International Workshop, STM 2012, Revised Selected Papers, volume 7783 of LNCS, pages 305-320. Springer International Publishing, 2013. [ bib | .pdf | Abstract ] |
| [DTRS12] | Filippo Del Tedesco, Alejandro Russo, and David Sands. Implementing erasure policies using taint analysis. In Information Security Technology for Applications (Selected papers from the 15th Nordic Conference on Secure IT Systems, 2010), volume 7127 of LNCS, pages 193-209. Springer International Publishing, 2012. [ bib | .pdf | Abstract ] |
| [DHS11] | F. Del Tedesco, S. Hunt, and David Sands. A semantic hierarchy for erasure policies. In Seventh International Conference on Information Systems Security. Springer Verlag, 2011. [ bib | .pdf | Abstract ] |
| [MSS11] | Heiko Mantel, David Sands, and Henning Sudbrock. Assumptions and guarantees for compositional noninterference. In Proceedings of the 24th IEEE Computer Security Foundations Symposium, pages 218-232, Cernay-la-Ville, France, 2011. IEEE Computer Society. [ bib | .pdf | Abstract ] |
| [HS11] | S. Hunt and David Sands. From exponential to polynomial-time security typing via principal types. In Programming Languages and Systems. 20th European Symposium on Programming, ESOP 2011, number 6602 in LNCS. Springer Verlag, 2011. [ bib | .pdf | Abstract ] |
| [DRS10] | Filippo Del Tedesco, Alejandro Russo, and David Sands. Implementing erasure policies using taint analysis. In Tuomas Aura, editor, The 15th Nordic Conference in Secure IT Systems, LNCS. Springer Verlag, October 2010. [ bib | .pdf | Abstract ] |
| [MPS10] | Jonas Magazinius, Phu H. Phung, and David Sands. Safe wrappers and sane policies for self protecting JavaScript. In Tuomas Aura, editor, The 15th Nordic Conference in Secure IT Systems, LNCS. Springer Verlag, October 2010. (Selected papers from AppSec 2010). [ bib | .pdf | Abstract ] |
| [BS10] | Niklas Broberg and David Sands. Paralocks - role-based information flow control and beyond. In POPL'10, Proceedings of the 37th Annual ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages, 2010. [ bib | .pdf | Abstract ] |
| [SS09b] | Josef Svenningsson and David Sands. Specification and verification of side channel declassification. In The sixth International Workshop on Formal Aspects in Security and Trust (FAST2009), LNCS. Springer, November 2009. Pre-proceedings version, plus appendix. [ bib | .pdf | Abstract ] |
| [BS09] | Niklas Broberg and David Sands. Flow-sensitive semantics for dynamic information flow policies. In S. Chong and D. Naumann, editors, ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security (PLAS 2009), Dublin, June 15 2009. ACM. [ bib | .pdf | Abstract ] |
| [DS09a] | D. Demange and David Sands. All secrets great and small. Technical Report 2009-01, Computer Science and Engineering, Chalmers University of Technology, April 2009. Extended version of [DS09b]. [ bib | .pdf ] |
| [PSC09] | Phu H. Phung, David Sands, and Andrey Chudnov. Lightweight self-protecting javascript. In R. Safavi-Naini and V. Varadharajan, editors, ACM Symposium on Information, Computer and Communications Security (ASIACCS 2009), Sydney, Australia, March 2009. ACM Press. [ bib | .pdf | Abstract ] |
| [TS09] | Filippo Del Tedesco and David Sands. A user model for information erasure. In SecCo'09, 7th International Workshop on Security Issues in Concurrency, Electronic Proceedings in Theoretical Computer Science, 2009. To appear. [ bib | .pdf | Abstract ] |
| [DS09b] | D. Demange and David Sands. All Secrets Great and Small. In Programming Languages and Systems. 18th European Symposium on Programming, ESOP 2009, number 5502 in LNCS, pages 207-221. Springer Verlag, 2009. [ bib | .pdf | Abstract ] |
| [SS09a] | A. Sabelfeld and David Sands. Declassification: Dimensions and principles. Journal of Computer Security, 15(5):517-548, 2009. [ bib | .pdf | Abstract ] |
| [HS08a] | S. Hunt and David Sands. Just forget it - the semantics and enforcement of information erasure. Extended version of [HS08b] inluding proofs, April 2008. [ bib | .pdf ] |
| [AHSS08] | A. Askarov, S. Hunt, A. Sabelfeld, and D. Sands. Termination-Insensitive Noninterference Leaks More Than Just a Bit. In The 13th European Symposium on Research in Computer Security (ESORICS 08, Malaga, Spain, October 6-8, 2008. Proceedings, number 5283 in LNCS, pages 333-348. Springer Verlag, 2008. [ bib | .pdf | Abstract ] |
| [PS08] | P. H. Phung and David Sands. Security Policy Enforcement in the OSGi Framework Using Aspect-Oriented Programming. In Proceedings of the 32nd Annual IEEE International Computer Software and Applications Conference, COMPSAC 2008, 28 July - 1 August 2008, Turku, Finland, pages 1076-1082. IEEE Computer Society, 2008. [ bib | .pdf | Abstract ] |
| [HS08b] | S. Hunt and David Sands. Just forget it - the semantics and enforcement of information erasure. In Programming Languages and Systems. 17th European Symposium on Programming, ESOP 2008, number 4960 in LNCS, pages 239-253. Springer Verlag, 2008. [ bib | .pdf | Abstract ] |
| [BS06a] | N. Broberg and David Sands. Flow locks: Towards a core calculus for dynamic flow policies. Technical report, Chalmers University of Technology and Göteborgs University, May 2006. Draft. Extended version of [BS06b]. [ bib | .pdf ] |
| [HS06a] | D. Hedin and David Sands. Noninterference in the presence of non-opaque pointers. In Proceedings of the 19th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, 2006. [ bib | .pdf | Abstract ] |
| [HS06b] | S. Hunt and David Sands. On flow-sensitive security types. In POPL'06, Proceedings of the 33rd Annual. ACM SIGPLAN - SIGACT. Symposium. on Principles of Programming Languages, January 2006. [ bib | .pdf | Abstract ] |
| [BS06b] | N. Broberg and David Sands. Flow locks: Towards a core calculus for dynamic flow policies. In Programming Languages and Systems. 15th European Symposium on Programming, ESOP 2006, volume 3924 of LNCS. Springer Verlag, 2006. [ bib | .pdf | Abstract ] |
| [AS06] | S. Axelsson and David Sands. Understanding Intrusion Detection through Visualization. Number 24 in Advances in Information Security. Springer, 2006. [ bib | http ] |
| [SS05] | Andrei Sabelfeld and David Sands. Dimensions and principles of declassification. In Proceedings of the 18th IEEE Computer Security Foundations Workshop, pages 255-269. IEEE Computer Society Press, 2005. [ bib | .pdf | Abstract ] |
| [HS05] | D. Hedin and David Sands. Timing aware information flow security for a JavaCard-like bytecode. In First Workshop on Bytecode Semantics, Verification, Analysis and Transformation (BYTECODE '05), Electronic Notes in Theoretical Computer Science (to appear), 2005. [ bib | .pdf | Abstract ] |
| [DHS05] | Á. Darvas, R. Hähnle, and D. Sands. A theorem proving approach to analysis of secure information flow. In Dieter Hutter and Markus Ullmann, editors, Proc. 2nd International Conference on Security in Pervasive Computing, volume 3450 of LNCS, pages 193-209. Springer-Verlag, 2005. [ bib | http | .pdf | Abstract ] |
| [MS04a] | H. Mantel and David Sands. Controlled declassification based on intransitive noninterference. In Proc. Asian Symp. on Programming Languages and Systems, volume 3302 of LNCS, pages 129-145. Springer-Verlag, November 2004. [ bib | .pdf | Abstract ] |
| [MS04b] | H. Mantel and David Sands. Controlled declassification based on intransitive noninterference. Technical Report 2004-06, Chalmers, November 2004. Technical Reports in Computing Science at Chalmers University of Technology and Göteborg University. Extended version of [MS04a]. [ bib | .pdf ] |
| [San04] | David Sands. Representing and manipulating contexts - a tool for operational reasoning. Invited tutorial, SOS'04, August 2004. [ bib | http | Abstract ] |
| [DHS03] | A. Darvas, R. Hähnle, and David Sands. A theorem proving approach to analysis of secure information flow (preliminary version). In Roberto Gorrieri, editor, Workshop on Issues in the Theory of Security, WITS. IFIP WG 1.7, ACM SIGPLAN and GI FoMSESS, 2003. Subsumed by [DHS05]. [ bib | .pdf ] |
| [MSC03] | A. Moran, David Sands, and M. Carlsson. Erratic fudgets: a semantic theory for an embedded coordination language. Science of Computer Programming, 46(1-2):99-135, 2003. [ bib | DOI | .pdf | Abstract ] |
| [SGM02] | David Sands, J. Gustavsson, and A. Moran. Lambda calculi and linear speedups. In The Essence of Computation: Complexity, Analysis, Transformation. Essays Dedicated to Neil D. Jones, number 2566 in LNCS. Springer Verlag, 2002. [ bib | .pdf | Abstract ] |
| [GS01] | Jörgen Gustavsson and David Sands. Possibilities and limitations of call-by-need space improvement. In Proceeding of the Sixth ACM SIGPLAN International Conference on Functional Programming (ICFP'01), pages 265-276. ACM Press, September 2001. [ bib | .pdf | Abstract ] |
| [AS01] | J. Agat and David Sands. On confidentiality and algorithms. In Francis M. Titsworth, editor, Proceedings of the 2001 IEEE Symposium on Security and Privacy (S&P-01), pages 64-77. IEEE Computer Society, May 2001. [ bib | .pdf | Abstract ] |
| [SS01] | A. Sabelfeld and David Sands. A per model of secure information flow in sequential programs. Higher-Order and Symbolic Computation, 14(1):59-91, March 2001. Extended version of [SS99]. [ bib | .pdf | Abstract ] |
| [San01] | David Sands, editor. Programming languages and systems: 10th European Symposium on Programming, ESOP 2001, held as part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2001, Genova, Italy, April 2-6, 2001: proceedings, volume 2028 of Lecture Notes in Computer Science, New York, NY, USA, 2001. Springer-Verlag Inc. [ bib | http ] |
| [SS00] | Andrei Sabelfeld and David Sands. Probabilistic noninterference for multi-threaded programs. In Proceedings of the 13th IEEE Computer Security Foundations Workshop, pages 200-214, Cambridge, England, July 2000. IEEE Computer Society Press. [ bib | .pdf | Abstract ] |
| [MSC99] | A. K. Moran, David Sands, and M. Carlsson. Erratic Fudgets: A semantic theory for an embedded coordination language. In the Third International Conference on Coordination Languages and Models; COODINATION'99, number 1594 in Lecture Notes in Computer Science, pages 85-102. Springer-Verlag, April 1999. Extended available: [MSC03]. [ bib ] |
| [MS99] | A. K. Moran and David Sands. Improvement in a lazy context: An operational theory for call-by-need. In Proc. POPL'99, the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 43-56. ACM Press, January 1999. [ bib | .pdf ] |
| [SS99] | A. Sabelfeld and David Sands. A per model of secure information flow in sequential programs. In Programming Languages and Systems, 8th European Symposium on Programming, ESOP'99, volume 1576 of Lecture Notes in Computer Science, pages 40-58. Springer-Verlag, 1999. Extended version in [SS01]. [ bib ] |
| [GS99] | J. Gustavsson and David Sands. A foundation for space-safe transformations of call-by-need programs. In A. D. Gordon and A. M.Pitts, editors, The Third International Workshop on Higher Order Operational Techniques in Semantics, volume 26 of Electronic Notes in Theoretical Computer Science. Elsevier, 1999. [ bib | .html | .pdf | Abstract ] |
| [CS99] | K. Claessen and David Sands. Observable sharing for functional circuit description. In P.S. Thiagarajan and R. Yap, editors, Advances in Computing Science ASIAN'99; 5th Asian Computing Science Conference, volume 1742 of Lecture Notes in Computer Science, pages 62-73. Springer-Verlag, 1999. Extended Version Available. [ bib | .pdf | Abstract ] |
| [MS98] | A. K. Moran and David Sands. Improvement in a lazy context: An operational theory for call-by-need (extended version). Extended version of [MS99], November 1998. [ bib | .pdf | Abstract ] |
| [San98a] | David Sands. Computing with contexts: A simple approach. In A. D. Gordon, A. M. Pitts, and C. L. Talcott, editors, Second Workshop on Higher-Order Operational Techniques in Semantics (HOOTS II), volume 10 of Electronic Notes in Theoretical Computer Science. Elsevier Science Publishers B.V., 1998. [ bib | .pdf | Abstract ] |
| [HMS98] | Chris Hankin, Daniel Le Métayer, and David Sands. Refining multiset tranformers. Theoretical Computer Science, 192(2):233-258, 1998. [ bib | .pdf | Abstract ] |
| [SW98] | David Sands and M. Weichert. From Gamma to CBS: Refining multiset transformations with broadcasting processes. In H. El-Rewini, editor, Proc. of the 31st Hawaii Intl. Conf. on System Sciences, volume VII Software Technology Track, pages 265-274, Hawai`i, January 1998. IEEE Computer Soc. [ bib | .pdf ] |
| [San98b] | David Sands. Improvement theory and its applications. In A. D. Gordon and A. M. Pitts, editors, Higher Order Operational Techniques in Semantics, Publications of the Newton Institute, pages 275-306. Cambridge University Press, 1998. [ bib | .pdf | Abstract ] |
| [San97] | David Sands. From SOS rules to proof principles: An operational metatheory for functional languages. In Proceedings of the 24th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL). ACM Press, January 1997. [ bib | .pdf | Abstract ] |
| [San96b] | David Sands. Proving the correctness of recursion-based automatic program transformations. Theoretical Computer Science, 167(10), October 1996. Preliminary version in TAPSOFT'95, LNCS 915. [ bib | .pdf | Abstract ] |
| [San96d] | David Sands. Total correctness by local improvement in the transformation of functional programs. ACM Transactions on Programming Languages and Systems (TOPLAS), 18(2):175-234, March 1996. Extended version of [?]. [ bib | .pdf ] |
| [San96a] | David Sands. Composed reduction systems. In Coordination Programming: Mechanisms, Models and Semantics, pages 360-377. IC Press, World Scientific, 1996. [ bib | .pdf ] |
| [San96c] | David Sands. Syntactic continuity from structural operational semantics. In G. McCusker, A. Edalat, and S. Jourdan, editors, Theory and Formal Methods 1996: Proceedings of the Third Imperial College Workshop on Theory and Formal Methods. IC Press, 1996. (subsumed by [San97]). [ bib ] |
| [San95c] | David Sands. A naïve time analysis and its theory of cost equivalence. Journal of Logic and Computation, 5(4), 1995. [ bib | .pdf | Abstract ] |
| [HS95] | F Henglein and D Sands. A semantic model of binding times for safe partial evaluation. In S.D. Swierstra and M. Hermenegildo, editors, Programming Languages: Implementations, Logics and Programs (PLILP'95), volume 982 of Lecture Notes in Computer Science, pages 299-320. Springer-Verlag, 1995. [ bib | .pdf ] |
| [San95a] | David Sands. Correctness of recursion-based automatic program transformations. In International Joint Conference on Theory and Practice of Software Development (TAPSOFT/FASE '95), number 915 in LNCS. Springer-Verlag, 1995. Full version in [San96b]. [ bib ] |
| [San95d] | David Sands. Total correctness by local improvement in program transformation. In Proceedings of the 22nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL). ACM Press, January 1995. Extended version in [San96d]. [ bib ] |
| [San95b] | David Sands. Higher-order expression procedures. In Proceeding of the ACM SIGPLAN Syposium on Partial Evaluation and Semantics-Based Program Manipulation, PEPM'95, pages 190-201, New York, 1995. ACM. [ bib | http | .pdf | Abstract ] |
| [San94] | David Sands. Towards operational semantics of contexts in functional languages. In Proceedings of the 6th Nordic Workshop on Programming Theory, number NS-94-6 in BRICS Notes Series, pages 378-385, Aahus, Denmark, 1994. [ bib | .pdf | Abstract ] |
| [San93b] | David Sands. Laws of parallel synchronised termination. In G.L. Burn, S.J. Gay, and M.D. Ryan, editors, Theory and Formal Methods 1993: Proceedings of the First Imperial College, Department of Computing, Workshop on Theory and Formal Methods, Workshops in Computing Series, Isle of Thorns, UK, March 1993. Springer-Verlag. [ bib | Abstract ] |
| [HMS93] | C. Hankin, D. Le Métayer, and David Sands. A parallel programming style and its algebra of programs. In A. Bode, M. Reeve, and G. Wolf, editors, Proceeding of Parallel Architectures and Languages Europe (PARLE), volume 694 of Lecture Notes in Computer Science, pages 367-378. Springer-Verlag, 1993. [ bib | .pdf | Abstract ] |
| [San93a] | David Sands. A compositional semantics of combining forms for Gamma programs. In D. Björner, M. Broy, and I. Pottosin, editors, Formal Methods in Programming and Their Applications, International Conference, Academgorodok, Novosibirsk, Russia, June/July 1993., Lecture Notes in Computer Science, pages 43-56. Springer-Verlag, 1993. [ bib ] |
| [HMS92a] | C. Hankin, D. Le Métayer, and David Sands. A calculus of Gamma programs. INRIA Research Report 1758, INRIA, Renne, October 1992. (Also: Imperial College Technical Report DOC 92/22). [ bib ] |
| [HMS92b] | C. Hankin, D. Le Métayer, and David Sands. A calculus of Gamma programs. In U. Banerjee, D. Gelernter, A. Nicolau, and D. Padua, editors, Languages and Compilers for Parallel Computing, 5th International Workshop, number 757 in Lecture Notes in Computer Science, pages 342-355. Springer-Verlag, August 1992. [ bib ] |
| [San91b] | David Sands. Time analysis, cost equivalence and program refinement. In Proceedings of the Eleventh Conference on Foundations of Software Technology and Theoretical Computer Science, number 560 in Lecture Notes in Computer Science, pages 25-39. Springer-Verlag, December 1991. See [San95c] for a much extended and revised version. [ bib ] |
| [HS91] | S. Hunt and David Sands. Binding Time Analysis: A New PERspective. In Proceedings of the ACM Symposium on Partial Evaluation and Semantics-Based Program Manipulation (PEPM'91), pages 154-164, September 1991. ACM SIGPLAN Notices 26(9). [ bib | .pdf | Abstract ] |
| [San91a] | David Sands. Operational theories of improvement in functional languages (extended abstract). In Proceedings of the Fourth Glasgow Workshop on Functional Programming, Workshops in Computing Series, pages 298-311, Skye, August 1991. Springer-Verlag. [ bib | .pdf | Abstract ] |
| [San90a] | David Sands. Calculi for Time Analysis of Functional Programs. PhD thesis, Department of Computing, Imperial College, University of London, September 1990. [ bib | .pdf | Abstract ] |
| [San90b] | David Sands. Complexity analysis for a lazy higher-order language. In Proceedings of the Third European Symposium on Programming, number 432 in LNCS, pages 361-376. Springer-Verlag, May 1990. [ bib | .pdf | Abstract ] |
| [San89] | David Sands. Complexity analysis for a lazy higher-order language. In Proceedings of the Glasgow Workshop on Functional Programming, Workshops in Computing Series, pages 56-79. Springer Verlag, August 1989. Extended Version of [San90b]. [ bib ] |
| [San88] | David Sands. Complexity analysis for a higher order language. Technical Report DOC 88/14, Imperial College, October 1988. [ bib | Abstract ] |