—A growing number of current web sites combine active content (applications) from untrusted sources, as in so-called mashups. The object-capability model provides an appealing ap...
In this paper, we present a framework for achieving anonymity and trust, two seemingly contradictory properties, in distributed systems. Our approach builds on webs of trust, a we...
Michael Backes, Stefan Lorenz, Matteo Maffei, Kim ...
In pervasive computing environments, changes in context may trigger changes in an individual’s access permissions. We contend that existing access control frameworks do not provi...
Adam J. Lee, Jodie P. Boyer, Chris Drexelius, Pras...
To be practical, systems for ensuring secure information flow must be as permissive as possible. To this end, the author recently proposed a type system for multi-threaded progra...
Combining access control with weakly consistent replication presents a challenge if the resulting system is to support eventual consistency. If authorization policy can be tempora...
Ted Wobber, Thomas L. Rodeheffer, Douglas B. Terry