When dealing with dynamic, untrusted content, such as on the Web, software behavior must be sandboxed, typically through use of a language like JavaScript. However, even for such ...
In traditional information-flow type systems, the security policy is often formalized as noninterference properties. However, noninterference alone is too strong to express securi...
With the ubiquitous deployment of large scale networks more and more complex human interactions are supported by computer applications. This poses new challenges on the expressive...
—The amount of dynamic content on the web has been steadily increasing. Scripting languages such as JavaScript and browser extensions such as Adobe’s Flash have been instrument...
Sean Ford, Marco Cova, Christopher Kruegel, Giovan...
RESIN is a new language runtime that helps prevent security vulnerabilities, by allowing programmers to specify application-level data flow assertions. RESIN provides policy obje...
Alexander Yip, Xi Wang, Nickolai Zeldovich, M. Fra...