This paper proposes a method for automatically inserting check statements for access control into a given recursive program according to a given security specification. A history-b...
: The Lack of security policy enforcement in web development languages is one of the most important challenges in web application systems development, as there is no formal check f...
Dynamic information flow policies, such as declassification, are essential for practically useful information flow control systems. However, most systems proposed to date that ...
This article investigates formal properties of a family of semantically sound flow-sensitive type systems for tracking information flow in simple While programs. The family is ind...
Abstract. Denotational semantics for a substantial fragment of Java is formalized by deep embedding in PVS, making extensive use of dependent types. A static analyzer for secure in...