Sciweavers

CSFW
2004
IEEE
14 years 2 months ago
By Reason and Authority: A System for Authorization of Proof-Carrying Code
We present a system, BLF, that combines an authorization logic based on the Binder language with a logical framework, LF, able to express semantic properties of programs. BLF is a...
Nathan Whitehead, Martín Abadi, George C. N...
CSFW
2004
IEEE
14 years 2 months ago
The Consistency of Task-Based Authorization Constraints in Workflow Systems
Workflow management systems (WFMSs) have attracted a lot of interest both in academia and the business community. A workflow consists of a collection of tasks that are organized t...
Kaijun Tan, Jason Crampton, Carl A. Gunter
CSFW
2004
IEEE
14 years 2 months ago
Generic Insecurity of Cliques-Type Authenticated Group Key Agreement Protocols
The A-GDH.2 and SA-GDH.2 authenticated group key
Olivier Pereira, Jean-Jacques Quisquater
CSFW
2004
IEEE
14 years 2 months ago
Enforcing Robust Declassification
Noninterference requires that there is no information flow from sensitive to public data in a given system. However, many systems perform intentional release of sensitive informat...
Andrew C. Myers, Andrei Sabelfeld, Steve Zdancewic
CSFW
2004
IEEE
14 years 2 months ago
Symbolic Model Checking the Knowledge of the Dining Cryptographers
This paper describes how symbolic techniques (in particular, OBDD's) may be used to to implement an algorithm for model checking specifications in the logic of knowledge for ...
Ron van der Meyden, Kaile Su
CSFW
2004
IEEE
14 years 2 months ago
Owned Policies for Information Security
In many systems, items of information have owners associated with them. An owner of an item of information may want the system to enforce a policy that restricts use of that infor...
Hubie Chen, Stephen Chong
CSFW
2004
IEEE
14 years 2 months ago
Modelling Downgrading in Information Flow Security
Information flow security properties such as noninterference ensure the protection of confidential data by strongly limiting the flow of sensitive information. However, to deal wi...
Annalisa Bossi, Carla Piazza, Sabina Rossi
CSFW
2004
IEEE
14 years 2 months ago
From Stack Inspection to Access Control: A Security Analysis for Libraries
We present a new static analysis for reviewing the security of libraries for systems, such as JVMs or the CLR, that rely on stack inspection for access control. We describe its im...
Frédéric Besson, Tomasz Blanc, C&eac...
CSFW
2004
IEEE
14 years 2 months ago
Cassandra: Flexible Trust Management, Applied to Electronic Health Records
We study the specification of access control policy in large-scale distributed systems. We present Cassandra, a language and system for expressing policy, and the results of a sub...
Moritz Y. Becker, Peter Sewell