Several authors have proposed using code modification as a technique for enforcing security policies such as resource limits, access controls, and network information flows. Howeve...
Abstract. This paper argues that Haigh and Young’s definition of noninterference for intransitive security policies admits information flows that are not in accordance with the...
The protection mechanisms of current mainstream operating systems are inadequate to support confidentiality and integrity requirements for end systems. Mandatory access control (M...
In the past, it was very common to develop middleware without consideration of security from the very beginning. To integrate security, the middleware that should be protected has...
Access control policies are often specified in declarative languages. In this paper, we propose a novel approach, called mutation verification, to assess the quality of properties...
Evan Martin, JeeHyun Hwang, Tao Xie, Vincent C. Hu