PapersFlow Research Brief
Security and Verification in Computing
Research Guide
What is Security and Verification in Computing?
Security and Verification in Computing is a field that develops techniques for ensuring information flow security, formal verification of systems, access control models, virtualization for isolation, and defenses against attacks like side-channels and control-flow violations in computer systems.
This field encompasses language-based information flow security, enforceable security policies, control-flow integrity, side-channel attacks, dynamic taint analysis, trusted execution environments, memory protection, virtualization, software diversity, and hardware security. The cluster contains 37,243 works; growth data for the past 5 years is unavailable. Key contributions include SMT solvers for verification, role-based access control standards, and dynamic tracking systems like TaintDroid for privacy on smartphones.
Research Sub-Topics
Control-Flow Integrity
This sub-topic develops techniques to prevent ROP and JOP attacks by enforcing legitimate control transfers. Researchers design hardware-supported CFI and compiler instrumentation.
Side-Channel Attacks
This sub-topic analyzes timing, cache, power, and fault attacks on cryptographic implementations. Researchers propose countermeasures like masking and constant-time algorithms.
Dynamic Taint Analysis
This sub-topic tracks data provenance through program execution to detect information leaks and exploits. Researchers optimize shadow memory and hardware acceleration for performance.
Trusted Execution Environments
This sub-topic studies SGX, TPM, and SEV for isolated computation on untrusted platforms. Researchers address enclave attacks and attestation protocols.
Software Fault Isolation
This sub-topic partitions code into sandboxed compartments using rewriting or virtualization. Researchers minimize overhead while enforcing memory safety and isolation.
Why It Matters
Role-based access control (RBAC) simplifies security administration in large systems by assigning permissions to roles rather than users, as shown in "Role-based access control models" (Sandhu et al., 1996, 5747 citations) and the NIST standard in "Proposed NIST standard for role-based access control" (Ferraiolo et al., 2001, 2496 citations), enabling scalable enforcement in enterprises and government systems. Virtualization techniques in "Xen and the art of virtualization" (Barham et al., 2003, 5913 citations) provide resource subdivision with binary compatibility and security isolation, supporting commodity operating systems in cloud computing. TaintDroid in "TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones" (Enck et al., 2010, 2280 citations) tracks sensitive data usage in real-time on Android devices, revealing privacy violations by third-party apps and influencing mobile OS security designs.
Reading Guide
Where to Start
Start with "Z3: An Efficient SMT Solver" (de Moura and Bjørner, 2008): it provides a foundational tool for formal verification that is central to security analysis, with broad applicability and high citations (6131).
Key Papers Explained
"Z3: An Efficient SMT Solver" (de Moura and Bjørner, 2008) enables efficient verification underpinning models in "Role-based access control models" (Sandhu et al., 1996) and its NIST extension "Proposed NIST standard for role-based access control" (Ferraiolo et al., 2001), which standardize policy enforcement. "Xen and the art of virtualization" (Barham et al., 2003) applies isolation principles building on access control for secure resource sharing. "TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones" (Enck et al., 2010) extends dynamic analysis techniques like program slicing from "Program Slicing" (Weiser, 1984) to runtime tracking in mobile environments.
Advanced Directions
Current work targets scalable verification of information flow in virtualized systems with side-channel defenses, extending Z3-based methods and Xen isolation. The focus remains on enhancing dynamic taint analysis for trusted execution environments; no recent preprints are available.
Papers at a Glance
| # | Paper | Year | Venue | Citations | Open Access |
|---|---|---|---|---|---|
| 1 | Artificial intelligence: A modern approach | 1996 | Artificial Intelligence | 10.7K | ✕ |
| 2 | Z3: An Efficient SMT Solver | 2008 | Lecture notes in compu... | 6.1K | ✕ |
| 3 | Xen and the art of virtualization | 2003 | ACM SIGOPS Operating S... | 5.9K | ✕ |
| 4 | Role-based access control models | 1996 | Computer | 5.7K | ✕ |
| 5 | Safeguarding cryptographic keys | 1979 | 1979 International Wor... | 3.4K | ✕ |
| 6 | Hyperledger fabric | 2018 | — | 3.2K | ✓ |
| 7 | Program Slicing | 1984 | IEEE Transactions on S... | 3.2K | ✕ |
| 8 | The part-time parliament | 1998 | ACM Transactions on Co... | 2.7K | ✓ |
| 9 | Proposed NIST standard for role-based access control | 2001 | ACM Transactions on In... | 2.5K | ✓ |
| 10 | TaintDroid: an information-flow tracking system for realtime p... | 2010 | Operating Systems Desi... | 2.3K | ✕ |
Frequently Asked Questions
What is role-based access control?
Role-based access control assigns permissions to roles that users inherit, simplifying administration in large systems. "Role-based access control models" (Sandhu et al., 1996) describes four reference models to support this approach. The NIST standard in "Proposed NIST standard for role-based access control" (Ferraiolo et al., 2001) provides an authoritative definition for implementation.
How does dynamic taint analysis work for privacy?
Dynamic taint analysis tracks the flow of sensitive data through a system at runtime. "TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones" (Enck et al., 2010) implements this on Android for efficient, system-wide monitoring of app data usage. It detects leaks without significant performance overhead in real-time scenarios.
What is the role of SMT solvers in verification?
SMT solvers like Z3 automate reasoning over satisfiability modulo theories for verifying program properties. "Z3: An Efficient SMT Solver" (de Moura and Bjørner, 2008, 6131 citations) provides an efficient implementation used in security and formal verification tasks. It supports a wide range of theories for checking security policies and invariants.
How does virtualization enhance security?
Virtualization subdivides hardware resources into isolated environments supporting commodity OSes. "Xen and the art of virtualization" (Barham et al., 2003, 5913 citations) achieves high performance with security through paravirtualization. It balances binary compatibility, performance, and isolation against attacks.
What is program slicing in security contexts?
Program slicing decomposes programs by analyzing data and control flow to isolate behaviors. "Program Slicing" (Weiser, 1984, 3175 citations) defines it as reducing a program to a minimal slice preserving specific outputs. This aids in security analysis by focusing on vulnerable paths.
What are trusted execution environments?
Trusted execution environments provide hardware-isolated spaces for secure computation. The field description highlights their role alongside techniques like memory protection and control-flow integrity. They protect against side-channel attacks and untrusted software.
Open Research Questions
- How can language-based policies enforce information flow security against dynamic side-channel attacks?
- What verification techniques scale to verify control-flow integrity in diverse software architectures?
- How to integrate dynamic taint analysis with trusted execution environments for comprehensive privacy protection?
- Which memory protection mechanisms best counter cache-based side-channel attacks in virtualized systems?
- How does software diversity improve resilience against control-flow hijacking in large-scale deployments?
Recent Trends
The field comprises 37,243 works, with no 5-year growth figure specified, and continues to build on foundational papers like "Z3: An Efficient SMT Solver" (de Moura and Bjørner, 2008, 6131 citations) and virtualization in "Xen and the art of virtualization" (Barham et al., 2003, 5913 citations).
The absence of recent preprints or news in the last 6-12 months indicates steady maturation rather than rapid shifts.
Highly cited classics like RBAC models (Sandhu et al., 1996, 5747 citations) continue to dominate applications.