{"abstract":[{"text":"Enforcement of information-flow policies has been extensively studied by language-based approaches over the past few decades. In this paper, we propose an alternative, novel, general, and effective approach using enforcement of hyperproperties– a powerful formalism for expressing and reasoning about a wide range of information-flow security policies. We study black- vs. gray- vs. white-box enforcement of hyperproperties expressed by nondeterministic finite-word hyperautomata (NFH), where the enforcer has null, some, or complete information about the implementation of the system under scrutiny. Given an NFH, in order to generate a runtime enforcer, we reduce the problem to controller synthesis for hyperproperties and subsequently to the satisfiability problem for quantified Boolean formulas (QBFs). The resulting enforcers are transferable with low-overhead. We conduct a rich set of case studies, including information-flow control for JavaScript code, as well as synthesizing obfuscators for control plants.","lang":"eng"}],"article_processing_charge":"Yes (via OA deal)","department":[{"_id":"ToHe"}],"external_id":{"isi":["001546115300001"]},"oa_version":"Published Version","publication":"Acta Informatica","year":"2025","publication_identifier":{"eissn":["1432-0525"],"issn":["0001-5903"]},"file":[{"date_created":"2025-09-02T05:53:47Z","access_level":"open_access","creator":"dernst","file_name":"2025_ActaInformatica_Hsu.pdf","content_type":"application/pdf","relation":"main_file","checksum":"90a43350fd4a8c5cb5b1b0e1aea7970d","date_updated":"2025-09-02T05:53:47Z","file_id":"20267","success":1,"file_size":6505049}],"_id":"20186","license":"https://creativecommons.org/licenses/by/4.0/","citation":{"ieee":"T. H. Hsu, A. A. Oliveira da Costa, A. Wintenberg, E. Bartocci, and B. Bonakdarpour, “Gray-box runtime enforcement of hyperproperties,” <i>Acta Informatica</i>, vol. 62, no. 3. Springer Nature, 2025.","apa":"Hsu, T. H., Oliveira da Costa, A. A., Wintenberg, A., Bartocci, E., &#38; Bonakdarpour, B. (2025). Gray-box runtime enforcement of hyperproperties. <i>Acta Informatica</i>. Springer Nature. <a href=\"https://doi.org/10.1007/s00236-025-00502-1\">https://doi.org/10.1007/s00236-025-00502-1</a>","ista":"Hsu TH, Oliveira da Costa AA, Wintenberg A, Bartocci E, Bonakdarpour B. 2025. Gray-box runtime enforcement of hyperproperties. Acta Informatica. 62(3), 30.","mla":"Hsu, Tzu Han, et al. “Gray-Box Runtime Enforcement of Hyperproperties.” <i>Acta Informatica</i>, vol. 62, no. 3, 30, Springer Nature, 2025, doi:<a href=\"https://doi.org/10.1007/s00236-025-00502-1\">10.1007/s00236-025-00502-1</a>.","chicago":"Hsu, Tzu Han, Ana A Oliveira da Costa, Andrew Wintenberg, Ezio Bartocci, and Borzoo Bonakdarpour. “Gray-Box Runtime Enforcement of Hyperproperties.” <i>Acta Informatica</i>. Springer Nature, 2025. <a href=\"https://doi.org/10.1007/s00236-025-00502-1\">https://doi.org/10.1007/s00236-025-00502-1</a>.","ama":"Hsu TH, Oliveira da Costa AA, Wintenberg A, Bartocci E, Bonakdarpour B. Gray-box runtime enforcement of hyperproperties. <i>Acta Informatica</i>. 2025;62(3). doi:<a href=\"https://doi.org/10.1007/s00236-025-00502-1\">10.1007/s00236-025-00502-1</a>","short":"T.H. Hsu, A.A. Oliveira da Costa, A. Wintenberg, E. Bartocci, B. Bonakdarpour, Acta Informatica 62 (2025)."},"language":[{"iso":"eng"}],"PlanS_conform":"1","isi":1,"intvolume":"        62","issue":"3","month":"09","ddc":["000"],"has_accepted_license":"1","OA_type":"hybrid","title":"Gray-box runtime enforcement of hyperproperties","type":"journal_article","corr_author":"1","file_date_updated":"2025-09-02T05:53:47Z","status":"public","tmp":{"legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","short":"CC BY (4.0)","image":"/images/cc_by.png","name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)"},"oa":1,"day":"01","date_updated":"2025-09-30T14:20:11Z","project":[{"_id":"34a1b658-11ca-11ed-8bc3-c75229f0241e","grant_number":"F8502","name":"Interface Theory for Security and Privacy"}],"article_number":"30","author":[{"full_name":"Hsu, Tzu Han","last_name":"Hsu","first_name":"Tzu Han"},{"id":"8b282559-50b0-11ef-861e-d6ace0d92e9b","full_name":"Oliveira Da Costa, Ana A","first_name":"Ana A","last_name":"Oliveira Da Costa"},{"first_name":"Andrew","last_name":"Wintenberg","full_name":"Wintenberg, Andrew"},{"last_name":"Bartocci","first_name":"Ezio","full_name":"Bartocci, Ezio"},{"last_name":"Bonakdarpour","first_name":"Borzoo","full_name":"Bonakdarpour, Borzoo"}],"volume":62,"OA_place":"publisher","article_type":"original","date_created":"2025-08-17T22:01:36Z","acknowledgement":"This project was funded in part by the Austrian Science Fund (FWF) SFB project SpyCoDe F8502, Vienna Science and Technology Fund (WWTF) [10.47379/ICT19018] (ProbInG) and WWTF project ICT22-023 (TAIGER), National Science Foundation (NSF) CPS Award 1837680, NSF award ECCS-2144416 and NSF SaTC Award 2245114. Open access funding provided by Institute of Science and Technology (IST Austria).","date_published":"2025-09-01T00:00:00Z","quality_controlled":"1","scopus_import":"1","user_id":"317138e5-6ab7-11ef-aa6d-ffef3953e345","publication_status":"published","doi":"10.1007/s00236-025-00502-1","publisher":"Springer Nature"}