Through web service technology, distributed applications can be built in a exible manner, bringing tremendous power to applications on the web. However, this exibility poses sig...
The focus of access control in client/server environments is on protecting sensitive server resources by determining whether or not a client is authorized to access those resource...
We describe a new, general approach for safeguarding systems against any type of code-injection attack. We apply Kerckhoff’s principle, by creating process-specific randomized ...
Gaurav S. Kc, Angelos D. Keromytis, Vassilis Preve...
Recent developments in information technologies made the secure transmission of digital data a critical design point. Large data flows have to be exchanged securely and involve en...
We examine covert channels in privacy-enhanced mobile identification devices where the devices uniquely identify themselves to an authorized verifier. Such devices (e.g. RFID tags)...
Daniel V. Bailey, Dan Boneh, Eu-Jin Goh, Ari Juels