In order to provide certified security services we must provide indicators that can measure the level of assurance that a complex business process can offer. Unfortunately the fo...
Abstract. MicroArchitectural Attacks (MA), which can be considered as a special form of SideChannel Analysis, exploit microarchitectural functionalities of processor implementation...
Various system architectures have been proposed for high assurance enforcement of multilevel security. This paper provides an analysis of the relative merits of three architectura...
Timothy E. Levin, Cynthia E. Irvine, Clark Weissma...
Computer usage and threat models have changed drastically since the advent of access control systems in the 1960s. Instead of multiple users sharing a single file system, each us...
William Enck, Sandra Rueda, Joshua Schiffman, Yoge...
Data outsourcing is becoming today a successful solution that allows users and organizations to exploit external servers for the distribution of resources. Some of the most challe...
Sabrina De Capitani di Vimercati, Sara Foresti, Su...
As computing models change, so too do the demands on storage. Distributed and virtualized systems introduce new vulnerabilities, assumptions, and performance requirements on disks...
Kevin R. B. Butler, Stephen E. McLaughlin, Patrick...
The problem of supporting the secure execution of potentially malicious third-party applications has received a considerable amount of attention in the past decade. In this paper ...
Security researchers are applying software reliability models to vulnerability data, in an attempt to model the vulnerability discovery process. I show that most current work on t...
In defining large, complex access control policies, one would like to compose sub-policies, perhaps authored by different organizations, into a single global policy. Existing po...