Abstract Non-interference is typically used as a baseline security policy to formalize confidentiality of secret information manipulated by a program. In contrast to static checkin...
Gurvan Le Guernic, Anindya Banerjee, Thomas P. Jen...
A number of programming languages use rich type systems to verify security properties of code. Some of these languages are meant for source programming, but programs written in th...
Common programming practice grants excess authority for the sake of functionality; programming principles require least authority for the sake of security. If we practice our princ...
The construction of interactive server-side Web applications differs substantially from the construction of traditional interactive programs. In contrast, existing Web programming...
Jacob Matthews, Robert Bruce Findler, Paul T. Grau...
Distributed applications can be structured using sessions that specify flows of messages between roles. We design a small specific language to declare sessions. We then build a c...