English
Related papers

Related papers: WAIT: Protecting the Integrity of Web Applications…

200 papers

Transparency and accountability are indispensable principles for modern data protection, from both, legal and technical viewpoints. Regulations such as the GDPR, therefore, require specific transparency information to be provided including,…

Computers and Society · Computer Science 2023-09-06 Elias Grünewald , Johannes M. Halkenhäußer , Nicola Leschke , Frank Pallas

Currently, the TCP/IP model enables exploitation of vulnerabilities anonymously by unconditionally fulfilling every request for a connection into an application; the model only incorporates authentication within applications themselves,…

Cryptography and Security · Computer Science 2025-09-17 Jonathon Anderson

Security and Privacy are crucial in modern Internet services. Transport Layer Security (TLS) has largely addressed the issue of security. However, information about the type of service being accessed goes in plain-text in the initial…

Cryptography and Security · Computer Science 2022-07-06 Vinod S. Khandkar , Manjesh K. Hanawal , Sameer G Kulkarni

Microarchitectural side channels expose unprotected software to information leakage attacks where a software adversary is able to track runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar

In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is that the confidentiality and integrity of data processing needs to be protected. In the…

Cryptography and Security · Computer Science 2019-06-20 Lamya Abdullah , Felix Freiling , Juan Quintero , Zinaida Benenson

Billions of secure messaging users have adopted end-to-end encryption (E2EE). Nevertheless, challenges remain. Most communication applications do not provide E2EE, and application silos prevent interoperability. Our qualitative analysis of…

Cryptography and Security · Computer Science 2023-11-03 Tarun Yadav , Austin Cook , Justin Hales , Kent Seamons

Privacy analysis is critical but also a time-consuming and tedious task. We present a formalization which eases designing and auditing high-level privacy properties of software architectures. It is incorporated into a larger policy analysis…

Cryptography and Security · Computer Science 2018-06-11 Marcel von Maltitz , Cornelius Diekmann , Georg Carle

We propose a novel type system for verifying that programs correctly implement constant-resource behavior. Our type system extends recent work on automatic amortized resource analysis (AARA), a set of techniques that automatically derive…

Programming Languages · Computer Science 2018-01-09 Van Chan Ngo , Mario Dehesa-Azuara , Matthew Fredrikson , Jan Hoffmann

We claim that existing techniques and tools for generating and verifying constant-time code are incomplete, since they rely on assumptions that compiler optimization passes do not break constant-timeness or that certain operations execute…

Cryptography and Security · Computer Science 2023-11-27 Garrett Gu , Hovav Shacham

A Webview embeds a full-fledged browser in a mobile application and allows the application to expose a custom interface to JavaScript code. This is a popular technique to build so-called hybrid applications, but it circumvents the usual…

Cryptography and Security · Computer Science 2019-05-08 Claudio Rizzo , Lorenzo Cavallaro , Johannes Kinder

Defects in requirements specifications can have severe consequences during the software development lifecycle. Some of them may result in poor product quality and/or time and budget overruns due to incorrect or missing quality…

Software Engineering · Computer Science 2020-09-09 Hugo Villamizar , Marcos Kalinowski , Alessandro Garcia , Daniel Mendez Fernández

Obtaining and maintaining anonymity on the Internet is challenging. The state of the art in deployed tools, such as Tor, uses onion routing (OR) to relay encrypted connections on a detour passing through randomly chosen relays scattered…

Cryptography and Security · Computer Science 2015-01-06 Joan Feigenbaum , Bryan Ford

Storage integrity is essential to systems and applications that use untrusted storage (e.g., public clouds, end-user devices). However, known methods for achieving storage integrity either suffer from high (and often prohibitive) overheads…

Cryptography and Security · Computer Science 2025-04-10 Quinn Burke , Ryan Sheatsley , Yohan Beugin , Eric Pauley , Owen Hines , Michael Swift , Patrick McDaniel

This paper outlines a comprehensive model to increase system efficiency, preserve network bandwidth, monitor incoming and outgoing packets, ensure the security of confidential files and reduce power wastage in an organization. This model…

Networking and Internet Architecture · Computer Science 2013-04-19 Ramya Mohan

Modern web applications can now offer desktop-like experiences from within the browser, thanks to technologies such as WebSockets, which enable low-latency duplex communication between the browser and the server. While these advances are…

Programming Languages · Computer Science 2019-04-03 Jonathan King , Nicholas Ng , Nobuko Yoshida

With the increasing use of online services, the protection of the privacy of users becomes more and more important. This is particularly critical as authentication and authorization as realized on the Internet nowadays, typically relies on…

Cryptography and Security · Computer Science 2025-03-05 Daniel Slamanig

In (single-server) Private Information Retrieval (PIR), a server holds a large database $DB$ of size $n$, and a client holds an index $i \in [n]$ and wishes to retrieve $DB[i]$ without revealing $i$ to the server. It is well known that…

Quantum Physics · Physics 2020-03-05 Dorit Aharonov , Zvika Brakerski , Kai-Min Chung , Ayal Green , Ching-Yi Lai , Or Sattath

Web application security has become a major concern in recent years, as more and more content and services are available online. A useful method for identifying security vulnerabilities is black-box testing, which relies on an automated…

Cryptography and Security · Computer Science 2020-01-07 Ilan Ben-Bassat , Erez Rokah

This paper proposes a novel visual model for web applications security monitoring. Although an automated intrusion detection system can shield a web application from common attacks, it usually cannot detect more complicated break-ins. So, a…

Cryptography and Security · Computer Science 2019-04-09 Tran Tri Dang , Tran Khanh Dang

Trusted execution environments (TEEs) protect the integrity and confidentiality of running code and its associated data. Nevertheless, TEEs' integrity protection does not extend to the state saved on disk. Furthermore, modern cloud-native…

Cryptography and Security · Computer Science 2024-08-16 Ardhi Putra Pratama Hartono , Andrey Brito , Christof Fetzer
‹ Prev 1 4 5 6 7 8 10 Next ›