CSFW
2011
IEEE
12 years 11 months ago
2011
IEEE
—We present a statistical test for detecting information leaks in systems with continuous outputs. We use continuous mutual information to detect the information leakage from tri...
CSFW
2011
IEEE
12 years 11 months ago
2011
IEEE
—We propose a much-needed formal definition of security for cryptographic key management APIs. The advantages of our definition are that it is general, intuitive, and applicabl...
CSFW
2011
IEEE
12 years 11 months ago
2011
IEEE
CSFW
2011
IEEE
12 years 11 months ago
2011
IEEE
—This paper introduces YARRA, a conservative extension to C to protect applications from non-control data attacks. YARRA programmers specify their data integrity requirements by ...
CSFW
2011
IEEE
12 years 11 months ago
2011
IEEE
—In this paper, we investigate the computational complexity of quantitative information flow (QIF) problems. Information-theoretic quantitative relaxations of noninterference (b...
CSFW
2011
IEEE
12 years 11 months ago
2011
IEEE
—This paper explores the idea of knowledge-based security policies, which are used to decide whether to answer queries over secret data based on an estimation of the querier’s ...
CSFW
2011
IEEE
12 years 11 months ago
2011
IEEE
—We present a Horn-clause-based framework for analysing security protocols that use platform configuration registers (PCRs), which are registers for maintaining state inside the...
CSFW
2011
IEEE
12 years 11 months ago
2011
IEEE
—Randomization is used in computer security as a tool to introduce unpredictability into the software infrastructure. In this paper, we study the use of randomization to achieve ...
CSFW
2011
IEEE
12 years 11 months ago
2011
IEEE
Abstract—Audit mechanisms are essential for privacy protection in permissive access control regimes, such as in hospitals where denying legitimate access requests can adversely a...