Information security is based on access control models and cryptographic techniques. These are well established areas of research in computer security, but are not capable of supp...
We propose a formal method to automatically integrate security rules regarding an access control policy (expressed in Or-BAC) in Java programs. Given an untrusted application and a...
This paper presents a language in which information flow is securely controlled by a type system, yet the security class of data can vary dynamically. Information flow policies ...
According to one common view, information security comes down to technical measures. Given better access control policy models, formal proofs of cryptographic protocols, approved ...
Traditional security policies largely focus on access control requirements, which specify who can access what under what circumstances. Besides access control requirements, the av...