This paper presents a static type system for JAVA Virtual Machine (JVM) code that enforces an access control mechanism similar to the one found, for example, in a JAVA implementat...
Many groups are interested in the insider threat problem, but the model generally used by all of these groups is implicitly binary—one is either within a perimeter or not. There...
Matt Bishop, Sophie Engle, Sean Peisert, Sean Whal...
Abstract. We present a framework for designing and composing services in a secure manner. Services can enforce security policies locally, and can invoke other services in a “call...
Massimo Bartoletti, Pierpaolo Degano, Gian Luigi F...
Abstract. Proof-carrying code (PCC) allows a code producer to associate to a program a machine-checkable proof of its safety. In the original approach to PCC, the safety policy inc...
Protecting confidentiality of data has become increasingly important for computing systems. Information-flow techniques have been developed over the years to achieve that purpos...