Abstract. Identifying and protecting the trusted computing base (TCB) of a system is an important task, which is typically performed by designing and enforcing a system security po...
The recent emergence of mandatory access (MAC) enforcement for virtual machine monitors (VMMs) presents an opportunity to enforce a security goal over all its virtual machines (VM...
This paper presents a new approach called model-carrying code (MCC) for safe execution of untrusted code. At the heart of MCC is the idea that untrusted code comes equipped with a...
R. Sekar, V. N. Venkatakrishnan, Samik Basu, Sande...
NetSketch is a tool for the specification of constrained-flow applications and the certification of desirable safety properties imposed thereon. NetSketch assists system integr...
Azer Bestavros, Assaf J. Kfoury, Andrei Lapets, Mi...
Current tools for analysing information flow in programs build upon ideas going back to Denning's work from the 70's. These systems enforce an imperfect notion of informa...
Aslan Askarov, Sebastian Hunt, Andrei Sabelfeld, D...