As cryptographic protocols execute, they accumulate information such as values and keys, and evidence of properties about this information. As execution proceeds, new information b...
Abstract. Most specification languages express only qualitative constraints. However, among two implementations that satisfy a given specification, one may be preferred to another....
Roderick Bloem, Krishnendu Chatterjee, Thomas A. H...
We introduce a new non-interference criterion for concurrent programs: rollback atomicity. Similarly to other definitions of atomicity, rollback atomicity of a given concurrent ex...
This paper describes a method for performing safety analysis on an Integrated Modular Avionics system in a manner which supports the incremental development and change of system c...
As computing technology becomes increasingly pervasive and interconnected, mobility leads to shorter-lasting relationships between end-points with many different security requirem...