Sun and the CERT recommend for secure Java development to not allow partially initialized objects to be accessed. The CERT considers the severity of the risks taken by not followin...
Laurent Hubert, Thomas P. Jensen, Vincent Monfort,...
With the recent advent of dynamically extensible software systems, in which software extensions may be dynamically loaded into the address space of a core application to augment i...
Comparing the system call sequence of a network application against a sandboxing policy is a popular approach to detecting control-hijacking attack, in which the attacker exploits...
Automated trust negotiation is an approach which establishes trust between strangers through the bilateral, iterative disclosure of digital credentials. Sensitive credentials are ...
Decentralized information flow control (DIFC) operating systems provide applications with mechanisms for enforcing information-flow policies for their data. However, significant o...