Using CQUAL for Static Analysis of Authorization Hook Placement

Runtime verification of authorization hook placement for the linux security modules framework

Proceedings of the 9th ACM conference on Computer and communications security

MOPS: an infrastructure for examining security properties of software

Proceedings of the 9th ACM conference on Computer and communications security

Linux Security Modules: General Security Support for the Linux Kernel

Proceedings of the 11th USENIX Security Symposium

BlueBoX: A policy-driven, host-based intrusion detection system

ACM Transactions on Information and System Security (TISSEC)

Software Security for Open-Source Systems

IEEE Security and Privacy

MECA: an extensible, expressive system and language for statically checking security properties

Proceedings of the 10th ACM conference on Computer and communications security

Consistency analysis of authorization hook placement in the Linux security modules framework

ACM Transactions on Information and System Security (TISSEC)

Using build-integrated static checking to preserve correctness invariants

Proceedings of the 11th ACM conference on Computer and communications security

Visualizing type qualifier inference with Eclipse

eclipse '04 Proceedings of the 2004 OOPSLA workshop on eclipse technology eXchange

A software flaw taxonomy: aiming tools at security

SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications

Automatic placement of authorization hooks in the linux security modules framework

Proceedings of the 12th ACM conference on Computer and communications security

Applying flow-sensitive CQUAL to verify MINIX authorization check placement

Proceedings of the 2006 workshop on Programming languages and analysis for security

The case for analysis preserving language transformation

Proceedings of the 2006 international symposium on Software testing and analysis

Flow-insensitive type qualifiers

ACM Transactions on Programming Languages and Systems (TOPLAS)

Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis

ICSE '07 Proceedings of the 29th international conference on Software Engineering

Privtrans: automatically partitioning programs for privilege separation

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13

Finding user/kernel pointer bugs with type inference

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13

Managing the risk of covert information flows in virtual machine systems

Proceedings of the 12th ACM symposium on Access control models and technologies

Chinese-wall process confinement for practical distributed coalitions

Proceedings of the 12th ACM symposium on Access control models and technologies

Type qualifier inference for java

Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications

CMV: automatic verification of complete mediation for java virtual machines

Proceedings of the 2008 ACM symposium on Information, computer and communications security

Effective blame for information-flow violations

Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering

Enforcing authorization policies using transactional memory introspection

Proceedings of the 15th ACM conference on Computer and communications security

An access control reference architecture

Proceedings of the 2nd ACM workshop on Computer security architectures

Implicit Flows: Can't Live with `Em, Can't Live without `Em

ICISS '08 Proceedings of the 4th International Conference on Information Systems Security

AutoISES: automatically inferring security specifications and detecting violations

SS'08 Proceedings of the 17th conference on Security symposium

Programming languages and program analysis for security: a three-year retrospective

ACM SIGPLAN Notices

Static Analysis of a Class of Memory Leaks in TrustedBSD MAC Framework

ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience

Verifying Information Flow Control over Unbounded Processes

FM '09 Proceedings of the 2nd World Congress on Formal Methods

A vulnerability recommendation system in Linux kernel variables

FUZZ-IEEE'09 Proceedings of the 18th international conference on Fuzzy Systems

An empirical investigation into open source web applications' implementation vulnerabilities

Empirical Software Engineering

Computer meteorology: monitoring compute clouds

HotOS'09 Proceedings of the 12th conference on Hot topics in operating systems

Defective error/pointer interactions in the Linux kernel

Proceedings of the 2011 International Symposium on Software Testing and Analysis

Practical elimination of external interaction vulnerabilities in web applications

Journal of Web Engineering

Transparent run-time prevention of format-string attacks via dynamic taint and flexible validation

ISC'06 Proceedings of the 9th international conference on Information Security

Automating security mediation placement

ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems

A location-based policy-specification language for mobile devices

Pervasive and Mobile Computing

Leveraging "choice" to automate authorization hook placement

Proceedings of the 2012 ACM conference on Computer and communications security

Auditing cloud management using information flow tracking

Proceedings of the seventh ACM workshop on Scalable trusted computing

Hi-Fi: collecting high-fidelity whole-system provenance

Proceedings of the 28th Annual Computer Security Applications Conference

Detecting control flow in smarphones: combining static and dynamic analyses

CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security

Process firewalls: protecting processes during resource access

Proceedings of the 8th ACM European Conference on Computer Systems