We present a new static analysis for reviewing the security of libraries for systems, such as JVMs or the CLR, that rely on stack inspection for access control. We describe its im...
: The employment of a patchwork of nonintegrated security products can only provide incomplete coverage, which cannot give the total panorama of the network misuse behavior. Networ...
In earlier work, we have introduced Secure Tropos, a requirements engineering methodology that extends the Tropos methodology and is intended for the design and analysis of securit...
Knowledge flow analysis offers a simple and flexible way to find flaws in security protocols. A protocol is described by a collection of rules constraining the propagation of know...
Emina Torlak, Marten van Dijk, Blaise Gassend, Dan...
Security managers often regard human behaviour as a security liability, but they should accommodate it within their organisation’s information security management procedures. To...
Simon Edward Parkin, Aad P. A. van Moorsel, Robert...