Adding security functions in existing Web application servers is now vital for the IS of companies and organizations. Writing crosscutting functions in complex software should tak...
Gabriel Hermosillo, Roberto Gomez, Lionel Seinturi...
We empirically analyzed sanitizer use in a shipping web application with over 400,000 lines of code and over 23,244 methods, the largest empirical analysis of sanitizer use of whi...
We show that the time web sites take to respond to HTTP requests can leak private information, using two different types of attacks. The first, direct timing, directly measures re...
In enterprise environment, security becomes increasingly important and costly. Enterprises are struggling to protect the increasing amount of disparate resources. Simple patchwork ...
Chen Zhao, Yang Chen, Dawei Xu, NuerMaimaiti Heili...
The premises of this paper are 1) security is application dependent because application semantics directly influence proper protection; but 2) applications are generally too compl...