This paper presents FABLE, a core formalism for a programming language in which programmers may specify security policies and reason that these policies are properly enforced. In ...
This paper studies the problem of securing information release in dynamic languages. We propose (i) an intuitive framework for information-release policies expressing both what ca...
Fine-grained and expressive access control policies on application resources need to be enforced in applicationlevel code. Uniformly enforcing a single policy (referred to as the ...
Tine Verhanneman, Frank Piessens, Bart De Win, Wou...
Authorization systems today are increasingly complex. They span domains of administration, rely on many different authentication sources, and manage permissions that can be as com...
Markus Lorch, Seth Proctor, Rebekah Lepro, Dennis ...
This paper extends the work described in “An Approach to the Formalisation of a Certification Policy”, 7th International Symposium on System and Information Security (SSI 2005...