KLAIM: A Kernel Language for Agents Interaction and Mobility
IEEE Transactions on Software Engineering
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
IEEE Transactions on Software Engineering
ACM Transactions on Information and System Security (TISSEC)
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Untrusted hosts and confidentiality: secure program partitioning
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Principles of Program Analysis
Principles of Program Analysis
ACM Transactions on Computer Systems (TOCS)
Privilege Graph: an Extension to the Typed Access Matrix Model
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Language-Based Information Erasure
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Towards a Theory of Insider Threat Assessment
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
An extensible analysable system model
Information Security Tech. Report
Self-healing: science, engineering, and fiction
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
Information protection via environmental data tethers
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
Analysing Access Control Specifications
SADFE '09 Proceedings of the 2009 Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering
Proceedings of the 4th international conference on Formal aspects in security and trust
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Program partitioning using dynamic trust models
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
On-line privacy and consent: a dialogue, not a monologue
Proceedings of the 2010 workshop on New security paradigms
Turtles all the way down: a clean-slate, ground-up, first-principles approach to secure systems
Proceedings of the 2012 workshop on New security paradigms
Hi-index | 0.00 |
Networked communication systems and the data they make available have, over the last decades, made their way to the very core of both society and business. Not only do they support everyday life and day-to-day operations, in many cases they enable them in the first place, and often are among the most valuable assets. The flexibility that makes them so valuable in the first place, is also their primary vulnerability: via the network, an entity's data is accessible from almost everywhere, often without the need of physical presence in the entity's perimeter. In this work we propose a new security paradigm, that aims at using the network's flexibility to move data and applications away from potential attackers. We also present a possible realization of the proposed paradigm, based on recent advances in language-based security and static analysis, where data and applications are partitioned ahead-of-time and can be moved automatically based on activity both in the network as well as the real world.