This paper presents the first type system for statically analyzing security protocols that are based on zero-knowledge proofs. We show how several properties offered by zero-knowl...
Sun and the CERT recommend for secure Java development to not allow partially initialized objects to be accessed. The CERT considers the severity of the risks taken by not followin...
Laurent Hubert, Thomas P. Jensen, Vincent Monfort,...
We have implemented an information flow framework for the Java Virtual Machine that combines static and dynamic techniques to capture not only explicit flows, but also implicit ...
It is becoming increasingly important for applications to protect sensitive data. With current techniques, the programmer bears the burden of ensuring that the application’s beh...
We present here the execution model of a policy-driven middleware for building secure distributed collaboration systems from their high level specifications. Our specification m...
Anand R. Tripathi, Tanvir Ahmed, Richa Kumar, Shre...