This paper describes a pattern-based technique for systematic development of UML models of secure systems using access control. Access control is viewed and specified as a design...
We investigate the question of whether security of protocols in the information-theoretic setting (where the adversary is computationally unbounded) implies the security of these ...
In defining large, complex access control policies, one would like to compose sub-policies, perhaps authored by different organizations, into a single global policy. Existing po...
We present the first cryptographically sound Dolev-Yaostyle security proof of a comprehensive electronic payment system. The payment system is a slightly simplified variant of t...
Security technology suitable for the burgeoning embedded system market has not been widespread. Untrusted code downloaded from the Internet poses numerous security risks due to th...