[PDF][PDF] Verifying Compliance of Trusted Programs.
In this paper, we present an approach for verifying that trusted programs correctly enforce
system security goals when deployed. A trusted program is trusted to only perform safe …
system security goals when deployed. A trusted program is trusted to only perform safe …
Developing a security typed java servlet
D Hassan, S El-Kassas, I Ziedan - 2008 The Fourth …, 2008 - ieeexplore.ieee.org
The Lack of security policy enforcement in Web development languages is one of the most
important challenges in Web application systems development, as there is no formal check …
important challenges in Web application systems development, as there is no formal check …
Information Flow Control for Secure Web Sites
MN Krohn - 2008 - dspace.mit.edu
Sometimes Web sites fail in the worst ways. They can reveal private data that can never be
retracted [60, 72, 78, 79]. Or they can succumb to vandalism, and subsequently show corrupt …
retracted [60, 72, 78, 79]. Or they can succumb to vandalism, and subsequently show corrupt …
Towards a system-wide and transparent security mechanism using language-level information flow control
MR Azadmanesh, M Sharifi - … of the 3rd international conference on …, 2010 - dl.acm.org
Operating systems try to provide secure platforms using appropriate security mechanisms
like DAC and MAC. In spite of this, information confidentiality is not totally provided when …
like DAC and MAC. In spite of this, information confidentiality is not totally provided when …
[PDF][PDF] Enforcing configurable trust in client-side software stacks by splitting information flow
Current client-server applications such as online banking employ the same client-side
software stack to handle information with differing security and functionality requirements …
software stack to handle information with differing security and functionality requirements …
SELinux Integrity Instrumentation (SII): Instrumenting SELinux for configuration auditing and integrity monitoring
M Libassi - 2016 - search.proquest.com
SELinux is lacking methods to prove compliance with security policies and detect change.
The SELinux Integrity Instrumentation (SII) parses key parts of SELinux and the Linux …
The SELinux Integrity Instrumentation (SII) parses key parts of SELinux and the Linux …
Design and Implementation of an Integrated Network and Data Management System for Heterogeneous WSNs
M Navarro, D Bhatnagar, R Liu… - 2011 IEEE Eighth …, 2011 - ieeexplore.ieee.org
Wireless Sensor Networks (WSNs) are being used in a variety of applications including
environmental monitoring, event detection, object tracking, and healthcare applications …
environmental monitoring, event detection, object tracking, and healthcare applications …
[图书][B] Methods for specifying and resolving security policy compliance problems
SJR Rodriguez - 2011 - search.proquest.com
Distributed systems have become sufficiently complex that it is impractical for administrators
to configure them manually to prevent security vulnerabilities. These systems consist of …
to configure them manually to prevent security vulnerabilities. These systems consist of …
Leveraging Emerging Disk Functionality for New Security Services
KRB Butler - 2010 - etda.libraries.psu.edu
The complexity of modern operating systems makes securing them a challenging problem.
However, changes in the computing model, such as the rise of cloud computing and smarter …
However, changes in the computing model, such as the rise of cloud computing and smarter …
[PDF][PDF] Trusted Declassification: Policy Infrastructure for a Security-Typed Language
B Hicks, D King, P McDaniel, M Hicks - cs.umd.edu
In this paper, we propose a simple idea we call trusted declassification in which special
declassifier functions are specified as part of the global policy. In particular, individual …
declassifier functions are specified as part of the global policy. In particular, individual …