Many software security solutions require accurate tracking of control/data dependencies among information objects in network applications. This paper presents a general dynamic in...
We present a programming model for building web applications with security properties that can be confidently verified during a security review. In our model, applications are d...
Akshay Krishnamurthy, Adrian Mettler, David Wagner
Abstract. Methodologies for the engineering of Web applications typically provide models that drive the generation of the hypermedia navigation structure in the application. Most o...
Geert-Jan Houben, Flavius Frasincar, Peter Barna, ...
We present a technique for finding security vulnerabilities in Web applications. SQL Injection (SQLI) and cross-site scripting (XSS) attacks are widespread forms of attack in whic...
Adam Kiezun, Philip J. Guo, Karthick Jayaraman, Mi...
Many of today's web applications are built on frameworks that include sophisticated defenses against malicious adversaries. However, mistakes in the way developers deploy tho...