In traditional information-flow type systems, the security policy is often formalized as noninterference properties. However, noninterference alone is too strong to express securi...
Deeply embedded infrastructures are pervasive systems that have significant cyber and physical components, interacting with each other in complex ways. These interactions can vio...
To-date, security analysis techniques focus on the explicit access to data, thereby neglecting information flows happening over covert channels. As a result, critical business so...
JavaScript has become a central technology of the web, but it is also the source of many security problems, including cross-site scripting attacks and malicious advertising code. ...
In this paper we define and provide a general construction for a class of policies we call dynamic policies. In most existing systems, policies are implemented and enforced by ch...
Prasad Naldurg, Roy H. Campbell, M. Dennis Mickuna...