Abstract: The attack surface of a system represents the exposure of application objects to attackers and is affected primarily by architecture and design decisions. Given otherwise...
Web applications are increasingly developed in Agile development processes. Business-centric Web applications need complex authorization policies to securely implement business pro...
: The Lack of security policy enforcement in web development languages is one of the most important challenges in web application systems development, as there is no formal check f...
The dynamic nature of JavaScript web applications has given rise to the possibility of privacy violating information flows. We present an empirical study of the prevalence of such...
—A growing number of current web sites combine active content (applications) from untrusted sources, as in so-called mashups. The object-capability model provides an appealing ap...