The successful deployment of a security policy is closely related not only to the complexity of the security requirements but also to the capabilities/functionalities of the secur...
The Windows Vista operating system implements an interesting model of multi-level integrity. We observe that in this model, trusted code must participate in any information-flow a...
Avik Chaudhuri, Prasad Naldurg, Sriram K. Rajamani
We describe a new attack against web authentication, which we call dynamic pharming. Dynamic pharming works by hijacking DNS and sending the victim’s browser malicious Javascrip...
Chris Karlof, Umesh Shankar, J. Doug Tygar, David ...
This paper investigates a class of transform queries proposed by XQuery Update [6]. A transform query is defined in terms of XML update syntax. When posed on an XML tree T, it ret...
Popular Internet applications deploy a multi-tier architecture, with each tier provisioning a certain functionality to its preceding tier. In this paper, we address the challengin...