Early work on security-typed languages required that legal information flows be defined statically. More recently, techniques have been introduced that relax these assumptions a...
Sruthi Bandhakavi, William H. Winsborough, Mariann...
Managing the configuration of heterogeneous enterprise security mechanisms is a wholly complex task. The effectiveness of a configuration may be constrained by poor understanding a...
We address the problem of controlling information leakage in a concurrent declarative programming setting. Our aim is to define verification tools in order to distinguish betwee...
In certain critical cases the data flow between business departments in banking organizations has to respect security policies known as Chinese Wall or Bell–La Padula. We show t...
Christoph Brandt, Jens Otten, Christoph Kreitz, Wo...
This paper details a true and striking paradigm shift: the use of E-Prime for (at least) user-centered security, organizational/enterprise security policies and informal security ...