English
Related papers

Related papers: Specifying and Implementing Security Policies Usin…

200 papers

As networks expand in size and complexity, they pose greater administrative and management challenges. Software Defined Networks (SDN) offer a promising approach to meeting some of these challenges. In this paper, we propose a policy driven…

Cryptography and Security · Computer Science 2018-06-07 Vijay Varadharajan , Kallol Karmakar , Uday Tupakula , Michael Hitchens

We propose a new static approach to Role-Based Access Control (RBAC) policy enforcement. The static approach we advocate includes a new design methodology, for applications involving RBAC, which integrates the security requirements into the…

Software Engineering · Computer Science 2014-09-12 Asad Ali , Maribel Fernández

We propose a method to optimise the parameters of a policy which will be used to safely perform a given task in a data-efficient manner. We train a Gaussian process model to capture the system dynamics, based on the PILCO framework. Our…

Machine Learning · Statistics 2019-12-03 Kyriakos Polymenakos , Alessandro Abate , Stephen Roberts

The reliance of Large Language Models and Internet of Things systems on massive, globally distributed data flows creates systemic security and privacy challenges. When data traverses borders, it becomes subject to conflicting legal regimes,…

Cryptography and Security · Computer Science 2026-01-13 Chalitha Handapangoda

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

This paper introduces language-based agent control (LBAC), a new programming model for agentic applications that brings techniques from programming languages and language-based security to the problem of agent control. In conventional…

Programming Languages · Computer Science 2026-05-14 Timothy Zhou , Loris D'Antoni , Nadia Polikarpova

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

Programming Languages · Computer Science 2019-01-09 Ana Almeida Matos , Jan Cederquist

CySecTool is a tool that finds a cost-optimal security controls portfolio in a given budget for a probabilistic attack graph. A portfolio is a set of counter-measures, or controls, against vulnerabilities adopted for a computer system,…

Cryptography and Security · Computer Science 2022-04-26 Przemysław Buczkowski , Pasquale Malacaria , Chris Hankin , Andrew Fielder

Key Assignment Schemes (KASs) have been extensively studied in the context of cryptographically-enforced access control, where derived keys are used to decrypt protected resources. In this paper, we explore the use of KASs in entity…

Cryptography and Security · Computer Science 2013-03-19 James Alderman , Jason Crampton

Writing a platform for reactive applications which enforces operational constraints is difficult, and has been approached in various ways. In this experience report, we detail an approach using an embedded DSL which can be used to specify…

Software Engineering · Computer Science 2015-04-09 Paul van der Walt

Security-critical system requirements are increasingly enforced through mandatory access control systems. These systems are controlled by security policies, highly sensitive system components, which emphasizes the paramount importance of…

Cryptography and Security · Computer Science 2017-06-13 Peter Amthor

Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced…

Programming Languages · Computer Science 2015-07-01 Aslan Askarov , Andrew Myers

Risk assessment plays a crucial role in ensuring the security and resilience of modern computer systems. Existing methods for conducting risk assessments often suffer from tedious and time-consuming processes, making it challenging to…

Cryptography and Security · Computer Science 2023-07-27 Simon Unger , Ektor Arzoglou , Markus Heinrich , Dirk Scheuermann , Stefan Katzenbeisser

We design a graph-based framework for the visualisation and analysis of obligations in access control policies. We consider obligation policies in CBACO, the category-based access control model, which has been shown to subsume many of the…

Logic in Computer Science · Computer Science 2021-11-02 Sandra Alves , Jorge Iglésias

Large Language Models (LLMs) are increasingly acting as autonomous agents, but their continuous interaction with the environment can lead to in-context reward hacking (ICRH), a phenomenon where LLMs iteratively optimize their behavior to…

Computation and Language · Computer Science 2026-05-28 Jiayong Wan , Jiawei Chen , Zhaoxia Yin , Liu Shuyuan , Hang Su

Intensional sets are sets given by a property rather than by enumerating their elements. In previous work, we have proposed a decision procedure for a first-order logic language which provides Restricted Intensional Sets (RIS), i.e., a…

Programming Languages · Computer Science 2020-08-03 Maximiliano Cristiá , Andrea Fois , Gianfranco Rossi

A major challenge to deploying cyber-physical systems with learning-enabled controllers is to ensure their safety, especially in the face of changing environments that necessitate runtime knowledge acquisition. Model-checking and automated…

Programming Languages · Computer Science 2025-02-27 Yao Feng , Jun Zhu , André Platzer , Jonathan Laurent

Users increasingly create, manage and share digital resources, including sensitive data, via cloud platforms and APIs. Platforms encode the rules governing access to these resources, referred to as \textit{security policies}, using…

Cryptography and Security · Computer Science 2023-07-13 Joe Stubbs , Smruti Padhy , Richard Cardone , Steven Black

Constraints such as separation-of-duty are widely used to specify requirements that supplement basic authorization policies. However, the existence of constraints (and authorization policies) may mean that a user is unable to fulfill…

Cryptography and Security · Computer Science 2016-12-20 Pierre Bergé , Jason Crampton , Gregory Gutin , Rémi Watrigant

Cedar is a new authorization policy language designed to be ergonomic, fast, safe, and analyzable. Rather than embed authorization logic in an application's code, developers can write that logic as Cedar policies and delegate access…