Network Access Control requirements are typically implemented in practice as a series of heterogeneous security-mechanism-centric policies that span system services and application...
We present a formal framework for the analysis of intrusion detection systems (IDS) that employ declarative rules for attack recognition, e.g. specification-based intrusion detect...
Tao Song, Calvin Ko, Jim Alves-Foss, Cui Zhang, Ka...
When packet filtering is used as a security mechanism, different routers may need to cooperate to enforce the desired security policy. It is difficult to ensure that they will d...
This paper introduces a context-aware authorization architecture that is designed to augment existing network security protocols in an Intranet environment. It describes the archi...
This paper presents SELinks, a programming language focused on building secure multi-tier web applications. SELinks provides a uniform programming model, in the style of LINQ and ...