We argue that finding vulnerabilities in software components is different from finding exploits against them. Exploits that compromise security often use several low-level details...
Vinod Ganapathy, Sanjit A. Seshia, Somesh Jha, Tho...
The SELinux mandatory access control (MAC) policy has recently added a multi-level security (MLS) model which is able to express a fine granularity of control over a subject'...
Boniface Hicks, Sandra Rueda, Luke St. Clair, Tren...
Abstract. Certificate translation is a method that transforms certificates of source programs into certificates of their compilation. It provides strong guarantees on low-level cod...
Growing attention is being paid to application security at requirements engineering time. Confidentiality is a particular subclass of security concerns that requires sensitive inf...
As cryptographic proofs have become essentially unverifiable, cryptographers have argued in favor of developing techniques that help tame the complexity of their proofs. Game-base...