The paper presents ConSpec, an automata based policy specification language. The language trades off clean semantics to language expressiveness; a formal semantics for the languag...
We propose a lightweight approach for certification of Java bytecode monitor inlining using proof-carrying code. The main purpose of such a framework is to enable development use ...
One of the major threats that an enterprise Information system networks are facing today is the Insider threat. As part of the Insider Threat study, lack of an effective access co...
Successive, formal refinement is a new approach for specification of embedded systems using a general-purpose programming language. Systems are formally modeled as Abstractable Sy...
James Shin Young, Josh MacDonald, Michael Shilman,...
In traditional information-flow type systems, the security policy is often formalized as noninterference properties. However, noninterference alone is too strong to express securi...