We present a new mechanized prover for showing correspondence assertions for cryptographic protocols in the computational model. Correspondence assertions are useful in particular...
se an abstract model of business processes for the purpose of (i) evaluating privacy policy in light of the goals of the process and (ii) developing automated support for privacy ...
Adam Barth, John C. Mitchell, Anupam Datta, Sharad...
Although static systems for information flow security are well-studied, few works address run-time information flow monitoring. Run-time information flow control offers distinc...
Key conjuring is the process by which an attacker obtains an unknown, encrypted key by repeatedly calling a cryptographic API function with random values in place of keys. We prop...
Usability is the weakest link in the security chain of many prominent applications. A set of security usability principles should therefore be considered when designing and engine...
We present an extension of traditional "black box" fuzz testing using a genetic algorithm based upon a Dynamic Markov Model fitness heuristic. This heuristic allows us t...
Sherri Sparks, Shawn Embleton, Ryan Cunningham, Cl...
This paper describes the security and network architecture of the Annex system, a family of technologies for secure and pervasive communication and information processing that we ...
Duncan A. Grove, Toby C. Murray, C. A. Owen, Chris...
Special purpose trusted computing devices are currently being deployed to offer many services for which the general purpose computing paradigm is unsuitable. The nature of the ser...
Aggelos Kiayias, Laurent Michel, Alexander Russell...
This paper describes the design of a peer-to-peer network that supports integrity and confidentiality labeling of shared data. A notion of data ownership privacy is also enforced...
Nathalie Tsybulnik, Kevin W. Hamlen, Bhavani M. Th...