Abstract—Security-by-Contract (S×C) is a paradigm providing security assurances for mobile applications. In this work, we present an extension of S×C enriched with an automatic...
We defeat two proposed Unix file-system race condition defense mechanisms. First, we attack the probabilistic defense mechanism of Tsafrir, et al., published at USENIX FAST 2008[...
Capability acquisition graphs (CAGs) provide a powerful framework for modeling insider threats, network attacks and system vulnerabilities. However, CAG-based security modeling sys...
Duc T. Ha, Shambhu J. Upadhyaya, Hung Q. Ngo, S. P...
Improperly validated user input is the underlying root cause for a wide variety of attacks on web-based applications. Static approaches for detecting this problem help at the time...
Abstract. An extension of the λ-calculus is proposed to study historybased access control. It allows for parametrized security policies with a possibly nested, local scope. To gov...
Massimo Bartoletti, Pierpaolo Degano, Gian Luigi F...