English
Related papers

Related papers: Language-Based Web Session Integrity

200 papers

Message passing is a fundamental element in software development, ranging from concurrent and mobile computing to distributed services, but it suffers from communication errors such as deadlocks. Session types are a typing discipline for…

Programming Languages · Computer Science 2023-10-23 Zekun Ji , Shuling Wang , Xiong Xu

The Model Context Protocol (MCP) has emerged as a standard for connecting large language models (LLMs) with external tools. However, this MCP ecosystem introduces new security risks across hosts, servers, and registries. In this paper, we…

Cryptography and Security · Computer Science 2026-04-29 Xiaofan Li , Xing Gao

The HTTPS protocol has enforced a higher level of robustness to several attacks; however, it is not easy to set up the required certificates on intranets, nor is it effective in the case the server confidentiality is not reliable, as in the…

Cryptography and Security · Computer Science 2024-01-01 Marco Falda , Angela Grassi

LLM-enabled applications are rapidly reshaping the software ecosystem by using large language models as core reasoning components for complex task execution. This paradigm shift, however, introduces fundamentally new reliability challenges…

Cryptography and Security · Computer Science 2026-02-24 Yedi Zhang , Haoyu Wang , Xianglin Yang , Jin Song Dong , Jun Sun

Large language models (LLMs) are evolving into agentic systems that reason, plan, and operate external tools. The Model Context Protocol (MCP) is a key enabler of this transition, offering a standardized interface for connecting LLMs with…

Computation and Language · Computer Science 2026-03-06 Xuanjun Zong , Zhiqi Shen , Lei Wang , Yunshi Lan , Chao Yang

Honeypots are used in IT Security to detect and gather information about ongoing intrusions, e.g., by documenting the approach of an attacker. Honeypots do so by presenting an interactive system that seems just like a valid application to…

Cryptography and Security · Computer Science 2015-07-14 Christoph Pohl , Michael Meier , Hans-Joachim Hof

Session types denote message protocols between concurrent processes, allowing a type-safe expression of inter-process communication. Although previous work demonstrate a well-defined notion of subtyping where processes have different…

Programming Languages · Computer Science 2021-11-29 Chuta Sano , Stephanie Balzer , Frank Pfenning

The security of computer systems typically relies on a hardware root of trust. As vulnerabilities in hardware can have severe implications on a system, there is a need for techniques to support security verification activities.…

Cryptography and Security · Computer Science 2024-07-11 Rahul Kande , Hammond Pearce , Benjamin Tan , Brendan Dolan-Gavitt , Shailja Thakur , Ramesh Karri , Jeyavijayan Rajendran

Multiparty session calculi have been recently equipped with security requirements, in order to guarantee properties such as access control and leak freedom. However, the proposed security requirements seem to be overly restrictive in some…

Logic in Computer Science · Computer Science 2016-06-21 Ilaria Castellani , Mariangiola Dezani-Ciancaglini , Ugo de'Liguoro

Session types are a type discipline for describing and specifying communication behaviours of concurrent processes. Session subtyping, firstly introduced by Gay and Hole, is widely used for enlarging typability of session programs. This…

Programming Languages · Computer Science 2024-05-16 Thien Udomsrirungruang , Nobuko Yoshida

Session types are a discipline for the static verification of message-passing programs. A session type specifies a channel's protocol as sequences of exchanges. It is most relevant to investigate session-based concurrency by identifying the…

Programming Languages · Computer Science 2024-01-24 Alen Arslanagic , Jorge A. Pérez , Anda-Amelia Palamariuc

Program equivalence is the fulcrum for reasoning about and proving properties of programs. For noninterference, for example, program equivalence up to the secrecy level of an observer is shown. A powerful enabler for such proofs are logical…

Programming Languages · Computer Science 2022-08-31 Farzaneh Derakhshan , Stephanie Balzer

Formal verification provides strong safety guarantees but only for models of cyber-physical systems. Hybrid system models describe the required interplay of computation and physical dynamics, which is crucial to guarantee what computations…

Logic in Computer Science · Computer Science 2019-02-26 Stefan Mitsch , André Platzer

A compromised system component can issue message sequences that are legal while also leading the overall system into unsafe states. Such stealthy attacks are challenging to characterize, because message interfaces in standard languages…

Cryptography and Security · Computer Science 2025-03-17 Arthur Amorim , Max Taylor , Trevor Kann , William L. Harrison , Gary T. Leavens , Lance Joneckis

Efforts to secure computing systems via software traditionally focus on the operating system and application levels. In contrast, the Security Protocol and Data Model (SPDM) tackles firmware level security challenges, which are much harder…

Cryptography and Security · Computer Science 2023-07-14 Renan C. A. Alves , Bruno C. Albertini , Marcos A. Simplicio

We present a safety verification framework for design-time and run-time assurance of learning-based components in aviation systems. Our proposed framework integrates two novel methodologies. From the design-time assurance perspective, we…

Systems and Control · Electrical Eng. & Systems 2022-05-17 Ali Baheri , Hao Ren , Benjamin Johnson , Pouria Razzaghi , Peng Wei

A significant amount of both client and server-side cryptography is implemented in JavaScript. Despite widespread concerns about its security, no other language has been able to match the convenience that comes from its ubiquitous support…

Cryptography and Security · Computer Science 2018-12-18 Conrad Watt , John Renner , Natalie Popescu , Sunjay Cauligi , Deian Stefan

Security remains a critical challenge in modern web applications, where threats such as unauthorized access, data breaches, and injection attacks continue to undermine trust and reliability. Traditional Object-Oriented Programming (OOP)…

Software Engineering · Computer Science 2025-09-10 Mterorga Ukor

While formal models of concurrency tend to focus on synchronous communication, asynchronous communication is relevant in practice. In this paper, we will discuss asynchronous communication in the context of session-based concurrency, the…

Programming Languages · Computer Science 2024-12-12 Bas van den Heuvel , Jorge A. Pérez

The number of people accessing online services is increasing day by day, and with new users, comes a greater need for effective and responsive cyber-security. Our goal in this study was to find out if there are common patterns within the…

Cryptography and Security · Computer Science 2024-05-15 Gábor Antal , Balázs Mosolygó , Norbert Vándor , Péter Hegedüs