The core problem in risk analysis - determining exploitable paths between attackers and system assets is essentially a problem of determining information flow. It is relatively st...
In [1], we proposed a model for policy-based intrusion detection, based on information flow control. In the present paper, we show its applicability and effectiveness on a stand...
The paper considers the complexity of verifying that a finite state system satisfies a number of definitions of information flow security. The systems model considered is one i...
The continuing frequency and seriousness of security incidents underlines the importance of application security. Decentralized information flow control (DIFC), a promising tool ...
A variant of the Mobile Ambient calculus, called Boundary Ambients, is introduced, supporting the modelling of multi-level security policies. Ambients that may guarantee to proper...