ACSAC
2006
IEEE
14 years 8 months ago
2006
IEEE
Security-typed languages are an evolving tool for implementing systems with provable security guarantees. However, to date, these tools have only been used to build simple “toy...
ACSAC
2006
IEEE
14 years 8 months ago
2006
IEEE
Many software security solutions require accurate tracking of control/data dependencies among information objects in network applications. This paper presents a general dynamic in...
ACSAC
2006
IEEE
14 years 8 months ago
2006
IEEE
In this paper we present an efficient countermeasure against stack smashing attacks. Our countermeasure does not rely on secret values (such as canaries) and protects against att...
ACSAC
2006
IEEE
14 years 8 months ago
2006
IEEE
Modern malware often hide the malicious portion of their program code by making it appear as data at compiletime and transforming it back into executable code at runtime. This obf...
ACSAC
2006
IEEE
14 years 8 months ago
2006
IEEE
Increasing use of the Internet for critical services makes flooding distributed denial-of-service (DDoS) a top security threat. A distributed nature of DDoS suggests that a distr...
ACSAC
2006
IEEE
14 years 8 months ago
2006
IEEE
This paper investigates the general problem of performing key-value search at untrusted servers without loss of user privacy. Specifically, given key-value pairs from multiple ow...
ACSAC
2006
IEEE
14 years 8 months ago
2006
IEEE
Attribute Based Messaging (ABM) enables message senders to dynamically create a list of recipients based on their attributes as inferred from an enterprise database. Such targeted...
ACSAC
2006
IEEE
14 years 8 months ago
2006
IEEE
Access control and integrity constraints are well known approaches to ensure data integrity in commercial database systems. However, due to operational mistakes, malicious intent ...
ACSAC
2006
IEEE
14 years 8 months ago
2006
IEEE
As new attacks against Windows-based machines emerge almost on a daily basis, there is an increasing need to “lock down” individual users’ desktop machines in corporate comp...
ACSAC
2006
IEEE
2006
IEEE
A Study of Access Control Requirements for Healthcare Systems Based on Audit Trails from Access Logs
14 years 8 months ago
In healthcare, role-based access control systems are often extended with exception mechanisms to ensure access to needed informationeven when the needs don’t followthe expected ...