We enforce information flow policies in programs that run at multiple locations, with diverse levels of security. We build a compiler from a small imperative language with locali...
For large problems the ATMS often becomes the main resource consumer in any reasoning system. We propose an architecture (the 2vATMS) that combines the advantages of two techniques...
We describe a type system for the Xd calculus of Gardner and Maffeis. An Xd-network is a network of locations, where each location consists of both a data tree (which contains scr...
We study formal security properties of network-attached storage (NAS) in an applied pi calculus. We model NAS as an implementation of a specification based on traditional central...
—Deploying a security policy may prove difficult whenever the system does not embed all necessary security functionalities. Some specific functionalities are required to accura...