Correct enforcement of authorization policies is a difficult task, especially for multi-threaded software. Even in carefully-reviewed code, unauthorized access may be possible in ...
Proving software free of security bugs is hard. Languages that ensure that programs correctly enforce their security policies would help, but, to date, no security-typed language h...
We introduce a language and system that supports definition and composition of complex run-time security policies for Java applications. Our policies are comprised of two sorts o...
This paper describes the implementation of an enforcement module for file system security implemented as part of a security architecture for distributed systems which enforces a c...
Abstract. An extension of the λ-calculus is proposed to study historybased access control. It allows for parametrized security policies with a possibly nested, local scope. To gov...
Massimo Bartoletti, Pierpaolo Degano, Gian Luigi F...