A note on denial-of-service in operating systems
IEEE Transactions on Software Engineering
Distributed systems: methods and tools for specification. An advanced course
Distributed systems: methods and tools for specification. An advanced course
Verifying temporal properties without temporal logic
ACM Transactions on Programming Languages and Systems (TOPLAS)
The DIAMOND security policy for object-oriented databases
CSC '92 Proceedings of the 1992 ACM annual conference on Communications
Partial evaluation and automatic program generation
Partial evaluation and automatic program generation
Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
From system F to typed assembly language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The design and implementation of a certifying compiler
PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
History-based access control for mobile code
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Guarded commands, nondeterminacy and formal derivation of programs
Communications of the ACM
Automata, Languages, and Machines
Automata, Languages, and Machines
Java Virtual Machine Specification
Java Virtual Machine Specification
Java Security: Present and Near Future
IEEE Micro
Authorization in Distributed Systems: A Formal Approach
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A General Theory of Composition for Trace Sets Closed under Selective Interleaving Functions
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Formal languages and their relation to automata
Formal languages and their relation to automata
A tool for constructing safe extensible C++ systems
COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3
Typed memory management via static capabilities
ACM Transactions on Programming Languages and Systems (TOPLAS)
Separating access control policy, enforcement, and functionality in extensible systems
ACM Transactions on Computer Systems (TOCS)
Untrusted hosts and confidentiality: secure program partitioning
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
The SLAM project: debugging system software via static analysis
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Systematic design of program transformation frameworks by abstract interpretation
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information sharing and security in dynamic coalitions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Model-Carrying Code (MCC): a new paradigm for mobile-code security
Proceedings of the 2001 workshop on New security paradigms
Secure calling contexts for stack inspection
Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programming
Mimicry attacks on host-based intrusion detection systems
Proceedings of the 9th ACM conference on Computer and communications security
Enforcing Obligation with Security Monitors
ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
A Language-Based Approach to Security
Informatics - 10 Years Back. 10 Years Ahead.
An Intrusion Detection System for Aglets
MA '02 Proceedings of the 6th International Conference on Mobile Agents
Conformance Checking for Models of Asynchronous Message Passing Software
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
Establishing the business value of network security using analytical hierarchy process
Creating business value with information technology
Using reflection as a mechanism for enforcing security policies on compiled code
Journal of Computer Security - Special issue on ESORICS 2000
Dynamic access control: preserving safety and trust for network defense operations
Proceedings of the eighth ACM symposium on Access control models and technologies
Using Replication and Partitioning to Build Secure Distributed Systems
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A lattice-theoretic characterization of safety and liveness
Proceedings of the twenty-second annual symposium on Principles of distributed computing
Model-carrying code: a practical approach for safe execution of untrusted applications
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Toward an integrative model of application-software security
Practicing software engineering in the 21st century
Program specialization for execution monitoring
Journal of Functional Programming
Security check: a formal yet practical framework for secure software architecture
Proceedings of the 2003 workshop on New security paradigms
Embedding role-based access control model in object-oriented systems to protect privacy
Journal of Systems and Software
Securing web application code by static analysis and runtime protection
Proceedings of the 13th international conference on World Wide Web
MetaKlaim: a type safe multi-stage language for global computing
Mathematical Structures in Computer Science
Resolving and applying constraint queries on context-sensitive analyses
Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
A method for designing secure solutions
IBM Systems Journal - End-to-end security
A model-based approach to integrating security policies for embedded devices
Proceedings of the 4th ACM international conference on Embedded software
Supervisory Control of Software Systems
IEEE Transactions on Computers
A compositional framework for access control policies enforcement
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Providing flexible access control to an information flow control model
Journal of Systems and Software
Policy framings for access control
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
Interfaces for stack inspection
Journal of Functional Programming
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Trace effects and object orientation
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Risky trust: risk-based analysis of software systems
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
SECA: security-enhanced communication architecture
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
An information flow control model for C applications based on access control lists
Journal of Systems and Software
The Effect of the Specification Model on the Complexity of Adding Masking Fault Tolerance
IEEE Transactions on Dependable and Secure Computing
A framework for concrete reputation-systems with applications to history-based access control
Proceedings of the 12th ACM conference on Computer and communications security
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Science of Computer Programming - Special issue: Static analysis symposium (SAS 2003)
Nexus: a new operating system for trustworthy computing
Proceedings of the twentieth ACM symposium on Operating systems principles
Dynamic inference of polymorphic lock types
Science of Computer Programming - Special issue: Concurrency and synchronization in Java programs
Certified In-lined Reference Monitoring on .NET
Proceedings of the 2006 workshop on Programming languages and analysis for security
Formal specification and analysis of JAAS framework
Proceedings of the 2006 international workshop on Software engineering for secure systems
Distributed intrusion detection in clusters based on non-interference
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Reference specification issues in on-line verification by passive testing
PDCN'06 Proceedings of the 24th IASTED international conference on Parallel and distributed computing and networks
Adaptiveness in well-typed Java bytecode verification
CASCON '06 Proceedings of the 2006 conference of the Center for Advanced Studies on Collaborative research
JavaScript instrumentation for browser security
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On-Chip Communication Architectures: System on Chip Interconnect
On-Chip Communication Architectures: System on Chip Interconnect
Thorough static analysis of device drivers
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
An Approach for the Specification, Verification and Synthesis of Secure Systems
Electronic Notes in Theoretical Computer Science (ENTCS)
Describing data flow analysis techniques with Kleene algebra
Science of Computer Programming
Aspect-oriented programming for reactive systems: Larissa, a proposal in the synchronous framework
Science of Computer Programming - Special issue: Foundations of aspect-oriented programming
Specifying and analyzing security automata using CSP-OZ
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Requirement enforcement by transformation automata
Proceedings of the 6th workshop on Foundations of aspect-oriented languages
On modeling and tolerating incorrect software
Journal of High Speed Networks - Self-Stabilizing Systems, Part 2
Decentralized enforcement of security policies for distributed computational systems
Proceedings of the 2007 ACM symposium on Applied computing
Broad new OS research: challenges and opportunities
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Privtrans: automatically partitioning programs for privilege separation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
A simulation-based proof technique for dynamic information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
Analysis of Computer Intrusions Using Sequences of Function Calls
IEEE Transactions on Dependable and Secure Computing
Language-Based Program Verification via Expressive Types
Electronic Notes in Theoretical Computer Science (ENTCS)
Science of Computer Programming
Managing the risk of covert information flows in virtual machine systems
Proceedings of the 12th ACM symposium on Access control models and technologies
Engineering Trust Management into Software Models
MISE '07 Proceedings of the International Workshop on Modeling in Software Engineering
Supporting Security Monitor-Aware Development
SESS '07 Proceedings of the Third International Workshop on Software Engineering for Secure Systems
Rewriting-Based Access Control Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Through Modeling to Synthesis of Security Automata
Electronic Notes in Theoretical Computer Science (ENTCS)
Reasoning about safety properties in a JVM-like environment
Science of Computer Programming
Automated Synthesis of Enforcing Mechanisms for Security Properties in a Timed Setting
Electronic Notes in Theoretical Computer Science (ENTCS)
Electronic Notes in Theoretical Computer Science (ENTCS)
On optimizing compatible security policies in wireless networks
EURASIP Journal on Wireless Communications and Networking
Provisions and obligations in policy management and security applications
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
GPCE '07 Proceedings of the 6th international conference on Generative programming and component engineering
Security policy compliance with violation management
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Weaving rewrite-based access control policies
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
A flexible security architecture to support third-party applications on mobile devices
Proceedings of the 2007 ACM workshop on Computer security architecture
Analysis of three multilevel security architectures
Proceedings of the 2007 ACM workshop on Computer security architecture
Theoretical Computer Science
A compact aspect-based security monitor for J2ME applications
CompSysTech '07 Proceedings of the 2007 international conference on Computer systems and technologies
A Virtual Machine Based Information Flow Control System for Policy Enforcement
Electronic Notes in Theoretical Computer Science (ENTCS)
Monitoring External Resources in Java MIDP
Electronic Notes in Theoretical Computer Science (ENTCS)
Infrastructural Support for Enforcing and Managing Distributed Application-Level Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
ConSpec -- A Formal Language for Policy Specification
Electronic Notes in Theoretical Computer Science (ENTCS)
Types and trace effects of higher order programs
Journal of Functional Programming
Execution monitoring enforcement under memory-limitation constraints
Information and Computation
AspectML: A polymorphic aspect-oriented functional programming language
ACM Transactions on Programming Languages and Systems (TOPLAS)
An approach to synthesise safe systems
International Journal of Security and Networks
Computer forensics in forensis
ACM SIGOPS Operating Systems Review
A logical framework for history-based access control and reputation systems
Journal of Computer Security
Security protocols, properties, and their monitoring
Proceedings of the fourth international workshop on Software engineering for secure systems
Simulating midlet's security claims with automata modulo theory
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Aspect-oriented in-lined reference monitors
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Verified enforcement of stateful information release policies
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Enforcing security properties in task-based systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Provably Correct Runtime Monitoring
FM '08 Proceedings of the 15th international symposium on Formal Methods
A Caller-Side Inline Reference Monitor for an Object-Oriented Intermediate Language
FMOODS '08 Proceedings of the 10th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
Towards Automation of Testing High-Level Security Properties
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Expanding Malware Defense by Securing Software Installations
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
A Verifiable Conformance Relationship between Smart Card Applets and B Security Models
ABZ '08 Proceedings of the 1st international conference on Abstract State Machines, B and Z
Run-Time Enforcement of Nonsafety Policies
ACM Transactions on Information and System Security (TISSEC)
Efficient and extensible security enforcement using dynamic data flow analysis
Proceedings of the 15th ACM conference on Computer and communications security
Enforcing authorization policies using transactional memory introspection
Proceedings of the 15th ACM conference on Computer and communications security
ConSpec – A formal language for policy specification
Science of Computer Programming
Types and trace effects for object orientation
Higher-Order and Symbolic Computation
Runtime Verification
JavaScript Instrumentation in Practice
APLAS '08 Proceedings of the 6th Asian Symposium on Programming Languages and Systems
Synthesizing Enforcement Monitors wrt. the Safety-Progress Classification of Properties
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Security benchmarking using partial verification
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Execution monitoring enforcement for limited-memory systems
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Reducing Behavioural to Structural Properties of Programs with Procedures
VMCAI '09 Proceedings of the 10th International Conference on Verification, Model Checking, and Abstract Interpretation
Verified enforcement of stateful information release policies
ACM SIGPLAN Notices
A Labeled Transition Model A-LTS for History-Based Aspect Weaving and Its Expressive Power
IEICE - Transactions on Information and Systems
Proceedings of the 2009 ACM symposium on Applied Computing
Security-By-Contract for the Future Internet
Future Internet --- FIS 2008
From Formal Access Control Policies to Runtime Enforcement Aspects
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
Efficient IRM enforcement of history-based access control policies
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Lightweight self-protecting JavaScript
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Matching Trace Patterns with Regular Policies
LATA '09 Proceedings of the 3rd International Conference on Language and Automata Theory and Applications
Do You Really Mean What You Actually Enforced?
Formal Aspects in Security and Trust
Security enforcement aware software development
Information and Software Technology
An algebra for fine-grained integration of XACML policies
Proceedings of the 14th ACM symposium on Access control models and technologies
Access control policy combining: theory meets practice
Proceedings of the 14th ACM symposium on Access control models and technologies
On the expressiveness and complexity of randomization in finite state monitors
Journal of the ACM (JACM)
Local policies for resource usage analysis
ACM Transactions on Programming Languages and Systems (TOPLAS)
ActionScript bytecode verification with co-logic programming
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Enforcing Security Policies on Programs
Proceedings of the 2006 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the fifth SoMeT_06
Formal Technique for Discovering Complex Attacks in Computer Systems
Proceedings of the 2007 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the sixth SoMeT_07
Security Policies Enforcement Using Finite Edit Automata
Electronic Notes in Theoretical Computer Science (ENTCS)
We have met the enemy and he is us
Proceedings of the 2008 workshop on New security paradigms
Using Edit Automata for Rewriting-Based Security Enforcement
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
Security Monitor Inlining for Multithreaded Java
Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
On the Role of Formal Methods in Software Certification: An Experience Report
Electronic Notes in Theoretical Computer Science (ENTCS)
Electronic Notes in Theoretical Computer Science (ENTCS)
A type system for discretionary access control†
Mathematical Structures in Computer Science
Efficient Monitoring of Parametric Context-Free Patterns
ASE '08 Proceedings of the 2008 23rd IEEE/ACM International Conference on Automated Software Engineering
Resolving least privilege violations in software architectures
IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
Electronic Notes in Theoretical Computer Science (ENTCS)
Planning and verifying service composition
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Measuring the interplay of security principles in software architectures
ESEM '09 Proceedings of the 2009 3rd International Symposium on Empirical Software Engineering and Measurement
Towards Practical Enforcement Theories
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Generating In-Line Monitors for Rabin Automata
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Dynamic Observers for the Synthesis of Opaque Systems
ATVA '09 Proceedings of the 7th International Symposium on Automated Technology for Verification and Analysis
Automatic Testing of Access Control for Security Properties
TESTCOM '09/FATES '09 Proceedings of the 21st IFIP WG 6.1 International Conference on Testing of Software and Communication Systems and 9th International FATES Workshop
A Synergy between Static and Dynamic Analysis for the Detection of Software Security Vulnerabilities
OTM '09 Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II
Combining Static Model Checking with Dynamic Enforcement Using the Statecall Policy Language
ICFEM '09 Proceedings of the 11th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
Believing the Integrity of a System
Electronic Notes in Theoretical Computer Science (ENTCS)
Electronic Notes in Theoretical Computer Science (ENTCS)
Enforcing IRM security policies: two case studies
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Dynamic security framework for mobile agent systems: specification, verification and enforcement
International Journal of Information and Computer Security
International Journal of Information and Computer Security
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Passive testing for reverse engineering: specification recovery
PDCN '08 Proceedings of the IASTED International Conference on Parallel and Distributed Computing and Networks
Experiences with embedding MPL security monitors into Java programs
CompSysTech '09 Proceedings of the International Conference on Computer Systems and Technologies and Workshop for PhD Students in Computing
Provably correct inline monitoring for multithreaded Java-like programs
Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Disambiguating aspect-oriented security policies
Proceedings of the 9th International Conference on Aspect-Oriented Software Development
Efficient monitoring of parametric context-free patterns
Automated Software Engineering
Isolating untrusted software extensions by custom scoping rules
Computer Languages, Systems and Structures
Introducing reference flow control for detecting intrusion symptoms at the OS level
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
On the automated synthesis of proof-carrying temporal reference monitors
LOPSTR'06 Proceedings of the 16th international conference on Logic-based program synthesis and transformation
Types and Effects for resource usage analysis
FOSSACS'07 Proceedings of the 10th international conference on Foundations of software science and computational structures
SAS'03 Proceedings of the 10th international conference on Static analysis
Types and effects for non-interfering program monitors
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Computer security from a programming language and static analysis perspective
ESOP'03 Proceedings of the 12th European conference on Programming
Using controller-synthesis techniques to build property-enforcing layers
ESOP'03 Proceedings of the 12th European conference on Programming
A distributed monitoring system for enhancing security and dependability at architectural level
Architecting dependable systems IV
Automated verification of security policies in mobile code
IFM'07 Proceedings of the 6th international conference on Integrated formal methods
Science of Computer Programming
A flexible architecture for enforcing and composing policies in a service-oriented environment
DAIS'07 Proceedings of the 7th IFIP WG 6.1 international conference on Distributed applications and interoperable systems
A tool for the synthesis of controller programs
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Enforcement of integrated security policy in trusted operating systems
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
On run-time enforcement of policies
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Automata-based confidentiality monitoring
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Synthesising monitors from high-level policies for the safe execution of untrusted software
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
COORDINATION'08 Proceedings of the 10th international conference on Coordination models and languages
Extracting control from data: user interfaces of MIDP applications
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Foundations of security analysis and design IV
Secure Service Composition with Symbolic Effects
SEEFM '09 Proceedings of the 2009 Fourth South-East European Workshop on Formal Methods
Monitoring security policies with metric first-order temporal logic
Proceedings of the 15th ACM symposium on Access control models and technologies
Towards a theory of accountability and audit
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Dynamic enforcement of abstract separation of duty constraints
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
A privacy preservation model for facebook-style social network systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Independence from obfuscation: A semantic framework for diversity
Journal of Computer Security
Using equivalence relations for corrective enforcement of security policies
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Automated detection of least privilege violations in software architectures
ECSA'10 Proceedings of the 4th European conference on Software architecture
A theory of runtime enforcement, with results
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
VM-based security overkill: a lament for applied systems security research
Proceedings of the 2010 workshop on New security paradigms
Semantics of UML models for dynamic behavior: a survey of different approaches
MBEERTS'07 Proceedings of the 2007 International Dagstuhl conference on Model-based engineering of embedded real-time systems
Modular plans for secure service composition
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
Rewriting logic approach to modeling and analysis of client behavior in open systems
SEUS'10 Proceedings of the 8th IFIP WG 10.2 international conference on Software technologies for embedded and ubiquitous systems
Flexible in-lined reference monitor certification: challenges and future directions
Proceedings of the 5th ACM workshop on Programming languages meets program verification
You should better enforce than verify
RV'10 Proceedings of the First international conference on Runtime verification
Reducing configurations to monitor in a software product line
RV'10 Proceedings of the First international conference on Runtime verification
Unifying facets of information integrity
ICISS'10 Proceedings of the 6th international conference on Information systems security
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Policy-based attestation of service behavior for establishing rigorous trust
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
CVPP: a tool set for compositional verification of control-flow safety properties
FoVeOOS'10 Proceedings of the 2010 international conference on Formal verification of object-oriented software
Secure service orchestration in open networks
Journal of Systems Architecture: the EUROMICRO Journal
Corrective enforcement of security policies
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
On the challenge of delivering high-performance, dependable, model-checked internet servers
HotDep'05 Proceedings of the First conference on Hot topics in system dependability
Transactions on computational science XI
Runtime enforcement monitors: composition, synthesis, and enforcement abilities
Formal Methods in System Design
Relationship-based access control policies and their policy languages
Proceedings of the 16th ACM symposium on Access control models and technologies
Formal enforcement of security policies on concurrent systems
Journal of Symbolic Computation
Java security architecture revisited
Communications of the ACM
History-dependent inference control of queries by dynamic policy adaption
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Java Security Architecture Revisited
Queue - Programming Languages
Call-by-contract for service discovery, orchestration and recovery
Rigorous software engineering for service-oriented systems
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Proceedings of the 11th international conference on Security Protocols
Provably correct runtime enforcement of non-interference properties
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Information flow analysis for javascript
Proceedings of the 1st ACM SIGPLAN international workshop on Programming language and systems technologies for internet clients
Static analysis of programs using omega algebra with tests
RelMiCS'05 Proceedings of the 8th international conference on Relational Methods in Computer Science, Proceedings of the 3rd international conference on Applications of Kleene Algebra
Checking risky events is enough for local policies
ICTCS'05 Proceedings of the 9th Italian conference on Theoretical Computer Science
Environmentally-aware security enforcement (EASE) for cooperative design and engineering
CDVE'05 Proceedings of the Second international conference on Cooperative Design, Visualization, and Engineering
Specifying and analysing run-time security policies for time dependant services
Proceedings of the First International Workshop on Security and Privacy Preserving in e-Societies
Gate automata-driven run-time enforcement
Computers & Mathematics with Applications
Formal analysis of dynamic, distributed file-system access controls
FORTE'06 Proceedings of the 26th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems
ActionScript in-lined reference monitoring in prolog
PADL'10 Proceedings of the 12th international conference on Practical Aspects of Declarative Languages
Model-checking in-lined reference monitors
VMCAI'10 Proceedings of the 11th international conference on Verification, Model Checking, and Abstract Interpretation
A first step towards security policy compliance of connectors
FSEN'09 Proceedings of the Third IPM international conference on Fundamentals of Software Engineering
Malware: from modelling to practical detection
ICDCIT'10 Proceedings of the 6th international conference on Distributed Computing and Internet Technology
A distributed intrusion detection approach for secure software architecture
EWSA'05 Proceedings of the 2nd European conference on Software Architecture
Design and implementation of an extended reference monitor for trusted operating systems
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Modelling mobility aspects of security policies
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Formal methods for smartcard security
Foundations of Security Analysis and Design III
Policy monitoring in first-order temporal logic
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
History-based access control with local policies
FOSSACS'05 Proceedings of the 8th international conference on Foundations of Software Science and Computation Structures
ZB'05 Proceedings of the 4th international conference on Formal Specification and Development in Z and B
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Enforcing non-safety security policies with program monitors
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Synthesis of opaque systems with static and dynamic masks
Formal Methods in System Design
HBAC: a model for history-based access control and its model checking
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Policy-driven memory protection for reconfigurable hardware
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Dynamic access control in a concurrent object calculus
CONCUR'06 Proceedings of the 17th international conference on Concurrency Theory
Automated discovery of mimicry attacks
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Capabilities for information flow
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Bounded analysis and decomposition for behavioural descriptions of components
FMOODS'06 Proceedings of the 8th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
Specification and realization of access control in SPKI/SDSI
ICISS'06 Proceedings of the Second international conference on Information Systems Security
RDyMASS: reliable and dynamic enforcement of security policies for mobile agent systems
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Flow based interpretation of access control: detection of illegal information flows
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Information flow security in cyber-physical systems
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Automated verification of executable UML models
FMCO'10 Proceedings of the 9th international conference on Formal Methods for Components and Objects
Tools for traceable security verification
VoCS'08 Proceedings of the 2008 international conference on Visions of Computer Science: BCS International Academic Conference
A framework for static detection of privacy leaks in android applications
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Corrective Enforcement: A New Paradigm of Security Policy Enforcement by Monitors
ACM Transactions on Information and System Security (TISSEC)
Aspect-Oriented runtime monitor certification
TACAS'12 Proceedings of the 18th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Enforceable security policies revisited
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Mathematical and Computer Modelling: An International Journal
Security-policy monitoring and enforcement with JavaMOP
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Optimized inlining of runtime monitors
NordSec'11 Proceedings of the 16th Nordic conference on Information Security Technology for Applications
Gained and Excluded Private Actions by Process Observations
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P)
Efficient runtime policy enforcement using counterexample-guided abstraction refinement
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
Verifiable control flow policies for java bytecode
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Asynchronous distributed monitoring for multiparty session enforcement
TGC'11 Proceedings of the 6th international conference on Trustworthy Global Computing
Tracking and constraining authorization provenance
IEA/AIE'12 Proceedings of the 25th international conference on Industrial Engineering and Other Applications of Applied Intelligent Systems: advanced research in applied artificial intelligence
Binary stirring: self-randomizing instruction addresses of legacy x86 binary code
Proceedings of the 2012 ACM conference on Computer and communications security
TreeDroid: a tree automaton based approach to enforcing data processing policies
Proceedings of the 2012 ACM conference on Computer and communications security
Dynamic enforcement of abstract separation of duty constraints
ACM Transactions on Information and System Security (TISSEC)
A quantitative approach for inexact enforcement of security policies
ISC'12 Proceedings of the 15th international conference on Information Security
From qualitative to quantitative enforcement of security policy
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Challenges in defining a programming language for provably correct dynamic analyses
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
Behavioral specification based runtime monitors for OSGi services
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
The specification and compilation of obligation policies for program monitoring
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
A framework for automatic generation of security controller
Software Testing, Verification & Reliability
Securing untrusted code via compiler-agnostic binary rewriting
Proceedings of the 28th Annual Computer Security Applications Conference
Detecting and preventing activex API-Misuse vulnerabilities in internet explorer
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Idea: callee-site rewriting of sealed system libraries
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Reducing behavioural to structural properties of programs with procedures
Theoretical Computer Science
Ensuring continuous compliance through reconciling policy with usage
Proceedings of the 18th ACM symposium on Access control models and technologies
Least-restrictive enforcement of the Chinese wall security policy
Proceedings of the 18th ACM symposium on Access control models and technologies
Enforceable Security Policies Revisited
ACM Transactions on Information and System Security (TISSEC)
Flexible access control for javascript
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
Relational abstraction in community-based secure collaboration
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Implementing real-time transactional security property using timed edit automata
Proceedings of the 6th International Conference on Security of Information and Networks
FASER Formal and Automatic Security Enforcement by Rewriting by BPA algebra with test
International Journal of Grid and Utility Computing
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
Association-Based Active Access Control models with balanced scalability and flexibility
Computers in Industry
Verification and enforcement of access control policies
Formal Methods in System Design
Dynamic policy adaptation for inference control of queries to a propositional information system
Journal of Computer Security - DBSec 2011
Iterative enforcement by suppression: Towards practical enforcement theories
Journal of Computer Security - ARSPA-WITS'10
Modular plans for secure service composition
Journal of Computer Security - ARSPA-WITS'10
Journal of Computer Security - CSF 2010
| Hi-index | 0.02 |
A precise characterization is given for the class of security policies enforceable with mechanisms that work by monitoring system execution, and automata are introduced for specifying exactly that class of security policies. Techniques to enforce security policies specified by such automata are also discussed.