Certified code is a general mechanism for enforcing security properties. In this paradigm, untrusted mobile code carries annotations that allow a host to verify its trustworthine...
The Bell-La Padula security model produced conceptual tools for the analysis and design of secure computer systems. Together with its sibling engineering initiatives, it identifi...
— Managing security projects is a delicate activity due to the evolution of attacks. In this paper, we develop a new methodology for estimating security effort based on algebraic...
We present ACXESS (Access Control for XML with Enhanced Security Specifications), a system for specifying and enforcing enhanced security constraints on XML via virtual "secu...
Sriram Mohan, Jonathan Klinginsmith, Arijit Sengup...
Most security protocols share a similar set of algorithms and functions and exhibit common sequences and patterns in the way they operate. These observations led us to propose a u...