This paper presents a new approach called model-carrying code (MCC) for safe execution of untrusted code. At the heart of MCC is the idea that untrusted code comes equipped with a...
R. Sekar, V. N. Venkatakrishnan, Samik Basu, Sande...
One of the most critical steps of any security review involves identifying the trust boundaries that an application is exposed to. While methodologies such as threat modeling can ...
Currently, there is an increasing tendency to migrate the management of communications and information systems onto the Web. This is making many traditional service support models ...
Martin Serrano, Sven van der Meer, John Strassner,...
We present a framework for evaluating and generating access control policies. The framework contains a modelling formalism called RW, which is supported by a model checking tool. ...
This paper presents secure program partitioning, a language-based technique for protecting confidential data during computation in distributed systems containing mutually untruste...
Steve Zdancewic, Lantian Zheng, Nathaniel Nystrom,...