{"id":"https://openalex.org/W2988741178","doi":"https://doi.org/10.1145/3319535.3354218","title":"Program-mandering","display_name":"Program-mandering","publication_year":2019,"publication_date":"2019-11-06","ids":{"openalex":"https://openalex.org/W2988741178","doi":"https://doi.org/10.1145/3319535.3354218","mag":"2988741178"},"language":"en","primary_location":{"id":"doi:10.1145/3319535.3354218","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3319535.3354218","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3319535.3354218","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3319535.3354218","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5037402020","display_name":"Shen Liu","orcid":"https://orcid.org/0000-0002-7375-0350"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shen Liu","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068257433","display_name":"Dongrui Zeng","orcid":"https://orcid.org/0000-0003-0032-2571"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dongrui Zeng","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027859131","display_name":"Yongzhe Huang","orcid":"https://orcid.org/0009-0006-2949-6347"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yongzhe Huang","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040849462","display_name":"Frank Capobianco","orcid":null},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Frank Capobianco","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078041729","display_name":"Stephen McCamant","orcid":"https://orcid.org/0009-0004-6859-9758"},"institutions":[{"id":"https://openalex.org/I130238516","display_name":"University of Minnesota","ror":"https://ror.org/017zqws13","country_code":"US","type":"education","lineage":["https://openalex.org/I130238516"]},{"id":"https://openalex.org/I4210101327","display_name":"Twin Cities Orthopedics","ror":"https://ror.org/01en4s460","country_code":"US","type":"healthcare","lineage":["https://openalex.org/I4210101327"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Stephen McCamant","raw_affiliation_strings":["University of Minnesota, Twin Cities, MN, USA"],"affiliations":[{"raw_affiliation_string":"University of Minnesota, Twin Cities, MN, USA","institution_ids":["https://openalex.org/I4210101327","https://openalex.org/I130238516"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055045569","display_name":"Trent Jaeger","orcid":"https://orcid.org/0000-0002-4964-1170"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Trent Jaeger","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5010830558","display_name":"Gang Tan","orcid":"https://orcid.org/0000-0001-6109-6091"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gang Tan","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5037402020"],"corresponding_institution_ids":["https://openalex.org/I130769515"],"apc_list":null,"apc_paid":null,"fwci":2.1676,"has_fulltext":true,"cited_by_count":23,"citation_normalized_percentile":{"value":0.90856355,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1023","last_page":"1040"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8194355964660645},{"id":"https://openalex.org/keywords/toolchain","display_name":"Toolchain","score":0.7051193714141846},{"id":"https://openalex.org/keywords/partition","display_name":"Partition (number theory)","score":0.6668239831924438},{"id":"https://openalex.org/keywords/information-leakage","display_name":"Information leakage","score":0.5240326523780823},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.5146323442459106},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.5085369348526001},{"id":"https://openalex.org/keywords/metric","display_name":"Metric (unit)","score":0.45297685265541077},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4426746070384979},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4239959716796875},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.4186983108520508},{"id":"https://openalex.org/keywords/control-flow","display_name":"Control flow","score":0.41727519035339355},{"id":"https://openalex.org/keywords/program-analysis","display_name":"Program analysis","score":0.4142414927482605},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3302830457687378},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3111704885959625}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8194355964660645},{"id":"https://openalex.org/C2777062904","wikidata":"https://www.wikidata.org/wiki/Q545406","display_name":"Toolchain","level":3,"score":0.7051193714141846},{"id":"https://openalex.org/C42812","wikidata":"https://www.wikidata.org/wiki/Q1082910","display_name":"Partition (number theory)","level":2,"score":0.6668239831924438},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.5240326523780823},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.5146323442459106},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.5085369348526001},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.45297685265541077},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4426746070384979},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4239959716796875},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.4186983108520508},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.41727519035339355},{"id":"https://openalex.org/C98183937","wikidata":"https://www.wikidata.org/wiki/Q2112188","display_name":"Program analysis","level":2,"score":0.4142414927482605},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3302830457687378},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3111704885959625},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.0},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3319535.3354218","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3319535.3354218","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3319535.3354218","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3319535.3354218","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3319535.3354218","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3319535.3354218","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.6899999976158142,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G1078881110","display_name":null,"funder_award_id":"CNS-1526319","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G1799593227","display_name":"TWC: Medium: Collaborative: Retrofitting Software for Defense-in-Depth","funder_award_id":"1408826","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G2654913074","display_name":"TWC: Small: Confidentiality Measurement of Complex Computations using Quantitative Information Flow","funder_award_id":"1526319","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3166108113","display_name":null,"funder_award_id":"CNS-1408880","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3325973141","display_name":null,"funder_award_id":"CCF-1723571","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3337628798","display_name":"TWC: Medium: Collaborative: Retrofitting Software for Defense-in-Depth","funder_award_id":"1408880","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4639439528","display_name":null,"funder_award_id":"CNS-1801534","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6055698625","display_name":null,"funder_award_id":"CNS-1816282","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7229170726","display_name":null,"funder_award_id":"CNS-1408826","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G796623002","display_name":"CAPA: Collaborative Research: Lightweight Abstract Memory Features","funder_award_id":"1723571","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2988741178.pdf","grobid_xml":"https://content.openalex.org/works/W2988741178.grobid-xml"},"referenced_works_count":17,"referenced_works":["https://openalex.org/W136211262","https://openalex.org/W1598589318","https://openalex.org/W2065076704","https://openalex.org/W2095881341","https://openalex.org/W2144344516","https://openalex.org/W2148144728","https://openalex.org/W2154564703","https://openalex.org/W2166510103","https://openalex.org/W2368101144","https://openalex.org/W2752929869","https://openalex.org/W2765797110","https://openalex.org/W2766188225","https://openalex.org/W2912554321","https://openalex.org/W2913264117","https://openalex.org/W3039999392","https://openalex.org/W4239813889","https://openalex.org/W4365799995"],"related_works":["https://openalex.org/W4310832179","https://openalex.org/W1987209053","https://openalex.org/W1997179160","https://openalex.org/W3014916130","https://openalex.org/W2256611834","https://openalex.org/W2138385884","https://openalex.org/W2265345944","https://openalex.org/W2359835790","https://openalex.org/W2163072411","https://openalex.org/W2380745217"],"abstract_inverted_index":{"Privilege":[0],"separation":[1],"is":[2,46,119],"an":[3,50],"effective":[4],"technique":[5],"to":[6,18,74,124,132],"improve":[7],"software":[8],"security.":[9],"However,":[10],"past":[11],"partitioning":[12],"systems":[13],"do":[14],"not":[15],"allow":[16],"programmers":[17],"make":[19],"quantitative":[20],"tradeoffs":[21],"between":[22,152],"security":[23,63,72,153],"and":[24,64,135,154],"performance.":[25],"In":[26],"this":[27],"paper,":[28],"we":[29],"describe":[30],"our":[31],"toolchain":[32],"called":[33],"PM.":[34],"It":[35],"can":[36,145],"automatically":[37,115],"find":[38,146],"the":[39,61,88,105,111],"optimal":[40,112],"boundary":[41],"in":[42,104],"program":[43,89,98],"partitioning.":[44],"This":[45],"achieved":[47],"by":[48,159],"solving":[49],"integer-programming":[51],"model":[52],"that":[53,108,148,163],"optimizes":[54],"for":[55],"a":[56,101,127,160],"user-chosen":[57],"metric":[58],"while":[59],"satisfying":[60],"remaining":[62],"performance":[65,155],"constraints":[66],"on":[67,110,126],"other":[68],"metrics.":[69],"We":[70,121],"choose":[71],"metrics":[73],"reason":[75],"about":[76],"how":[77],"well":[78],"computed":[79],"partitions":[80,147,157],"enforce":[81],"information":[82],"flow":[83],"control":[84],"to:":[85],"(1)":[86],"protect":[87,133],"from":[90],"low-integrity":[91],"inputs":[92],"or":[93],"(2)":[94],"prevent":[95],"leakage":[96],"of":[97,129],"secrets.":[99],"As":[100],"result,":[102],"functions":[103],"sensitive":[106],"module":[107],"fall":[109],"partition":[113],"boundaries":[114],"identify":[116],"where":[117],"declassification":[118],"necessary.":[120],"used":[122],"PM":[123,144],"experiment":[125],"set":[128],"real-world":[130],"programs":[131],"confidentiality":[134],"integrity;":[136],"results":[137],"show":[138],"that,":[139],"with":[140],"moderate":[141],"user":[142],"guidance,":[143],"have":[149],"better":[150],"balance":[151],"than":[156],"found":[158],"previous":[161],"tool":[162],"requires":[164],"manual":[165],"declassification.":[166]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":10},{"year":2020,"cited_by_count":2}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2019-11-22T00:00:00"}