A model of resource access control is presented in which the access control to resources can employ user interaction to obtain the necessary permissions. This model is inspired by...
Decentralized information flow control (DIFC) operating systems provide applications with mechanisms for enforcing information-flow policies for their data. However, significant o...
Security-typed languages enforce secrecy or integrity policies by type-checking. This paper investigates continuation-passing style (CPS) as a means of proving that such languages...
This paper introduces the use of static information flow analysis for the specification and enforcement of end-toend availability policies in programs. We generalize the decentr...
Task delegation presents one of the business process security leitmotifs. It defines a mechanism that bridges the gap between both workflow and access control systems. There are tw...