Patterns are useful knowledge about recurring problems and solutions. Detecting a security problem using patterns in requirements models may lead to its early solution. In order t...
Abstract. Denotational semantics for a substantial fragment of Java is formalized by deep embedding in PVS, making extensive use of dependent types. A static analyzer for secure in...
Abstract. We provide a formal definition of information flows in XML transformations and, more generally, in the presence of type-driven computations, and describe a sound technique...
We present a framework in which different notions of security can be defined in a uniform and modular way. Each definition of security is formalized as a security predicate by ass...
This paper advocates a novel approach to the construction of secure software: controlling information flow and maintaining integrity via monadic encapsulation of effects. This ap...