Abstract. The focus of work on information flow security has primarily been on definitions of security in asynchronous systems models. This paper considers systems with scheduler...
Authorization logics provide a principled and flexible approach to specifying access control policies. One of their compelling benefits is that a proof in the logic is evidence ...
Jeffrey A. Vaughan, Limin Jia, Karl Mazurak, Steve...
We present an authorization logic that permits reasoning with explicit time. Following a proof-theoretic approach, we study the meta-theory of the logic, including cut elimination...
Secure communication in distributed systems is notoriously hard to achieve due to the variety of attacks an adversary can mount, based on message interception, modification, redi...
Early work on security-typed languages required that legal information flows be defined statically. More recently, techniques have been introduced that relax these assumptions a...
Sruthi Bandhakavi, William H. Winsborough, Mariann...
We investigate the composition of protocols that share a common secret. This situation arises when users employ the same password on different services. More precisely we study w...
DKAL is a new declarative authorization language for distributed systems. It is based on existential fixed-point logic and is considerably more expressive than existing authoriza...
In various settings, such as when customers use the same passwords at several independent web sites, security decisions by one organization may have a significant impact on the s...
Reiko Ann Miura-Ko, Benjamin Yolken, John Mitchell...