Current web service platforms (WSPs) often perform all web services-related processing, including securitysensitive information handling, in the same protection domain. Consequent...
Many software security solutions require accurate tracking of control/data dependencies among information objects in network applications. This paper presents a general dynamic in...
Previously, we developed a type system to ensure secure information flow in a sequential, imperative programming language [VSI96]. Program variables are classified as either hig...
Abstract. Denotational semantics for a substantial fragment of Java is formalized by deep embedding in PVS, making extensive use of dependent types. A static analyzer for secure in...
Although there is a large body of research on detection and prevention of such memory corruption attacks as buffer overflow, integer overflow, and format string attacks, the web...