English
Related papers

Related papers: Security Policy Consistency

200 papers

Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction,…

Cryptography and Security · Computer Science 2022-12-08 Ivan Kovačević , Bruno Štengl , Stjepan Groš

CFI is a computer security technique that detects runtime attacks by monitoring a program's branching behavior. This work presents a detailed analysis of the security policies enforced by 21 recent hardware-based CFI architectures. The goal…

Cryptography and Security · Computer Science 2017-08-01 Ruan de Clercq , Ingrid Verbauwhede

A new logic for verification of security policies is proposed. The logic, HyperLTL, extends linear-time temporal logic (LTL) with connectives for explicit and simultaneous quantification over multiple execution paths, thereby enabling…

Logic in Computer Science · Computer Science 2013-07-10 Masoud Koleini , Michael R. Clarkson , Kristopher K. Micinski

Constraint Handling Rules (CHR) is a declarative rule-based formalism and language. Concurrency is inherent as rules can be applied to subsets of constraints in parallel. Parallel implementations of CHR, be it in software, be it in…

Distributed, Parallel, and Cluster Computing · Computer Science 2018-08-24 Thom Frühwirth , Daniel Gall

During software development, balancing security and non security issues is challenging. We focus on security awareness and approaches taken by non-security experts using software development issue trackers when considering security. We…

Software Engineering · Computer Science 2023-08-28 Léon McGregor , Manuel Maarek , Hans-Wolfgang Loidl

Inconsistent political statements represent a form of misinformation. They erode public trust and pose challenges to accountability, when left unnoticed. Detecting inconsistencies automatically could support journalists in asking…

Computation and Language · Computer Science 2025-05-27 Nursulu Sagimbayeva , Ruveyda Betül Bahçeci , Ingmar Weber

Given programming languages can provide different types and levels of security support, it is critically important to consider security aspects while selecting programming languages for developing software systems. Inadequate consideration…

Software Engineering · Computer Science 2021-11-29 Roland Croft , Yongzheng Xie , Mansooreh Zahedi , M. Ali Babar , Christoph Treude

Programmers of cryptographic applications written in C need to avoid common mistakes such as sending private data over public channels, modifying trusted data with untrusted functions, or improperly ordering protocol steps. These secrecy,…

Cryptography and Security · Computer Science 2019-07-04 Darion Cassel , Yan Huang , Limin Jia

Enforcing security requirements in networked information systems relies on security controls to mitigate the risks from increasingly dangerous threats. Configuring security controls is challenging; even nowadays, administrators must perform…

Cryptography and Security · Computer Science 2025-01-14 Cataldo Basile , Gabriele Gatti , Francesco Settanni

Constraint Handling Rules is an effective concurrent declarative programming language and a versatile computational logic formalism. CHR programs consist of guarded reactive rules that transform multisets of constraints. One of the main…

Distributed, Parallel, and Cluster Computing · Computer Science 2018-04-09 Thom Fruehwirth

When undertaking cyber security risk assessments, we must assign numeric values to metrics to compute the final expected loss that represents the risk that an organization is exposed to due to cyber threats. Even if risk assessment is…

Computer Science and Game Theory · Computer Science 2017-12-19 Andrew Fielder , Sandra Konig , Emmanouil Panaousis , Stefan Schauer , Stefan Rass

System goals are the statements that, in the context of software requirements specification, capture how the software should behave. Many times, the understanding of stakeholders on what the system should do, as captured in the goals, can…

Software Engineering · Computer Science 2023-03-10 Luiz Carvalho , Renzo Degiovanni , Matìas Brizzio , Maxime Cordy , Nazareno Aguirre , Yves Le Traon , Mike Papadakis

The ever increasing complexity of hardware platforms poses a challenge to systems programmers. Correctly programming a multitude of components, providing functionality and security, is difficult: semantics of individual units are described…

Cryptography and Security · Computer Science 2026-04-21 Ben Fiedler , Samuel Gruetter , Timothy Roscoe

Today's software systems are highly distributed and interconnected, and they increasingly rely on communication to achieve their goals; due to their societal importance, security and trustworthiness are crucial aspects for the correctness…

Confluence of a nondeterministic program ensures a functional input-output relation, freeing the programmer from considering the actual scheduling strategy, and allowing optimized and perhaps parallel implementations. The more general…

Programming Languages · Computer Science 2018-09-14 Henning Christiansen , Maja Kirkeby

XML access control policies involving updates may contain security flaws, here called inconsistencies, in which a forbidden operation may be simulated by performing a sequence of allowed operations. This paper investigates the problem of…

Databases · Computer Science 2007-08-16 Loreto Bravo , James Cheney , Irini Fundulaki

Information security isn't just about software and hardware -- it's at least as much about policies and processes. But the research community overwhelmingly focuses on the former over the latter, while gaping policy and process problems…

Cryptography and Security · Computer Science 2024-03-25 Arvind Narayanan , Kevin Lee

When enterprises deploy multiple firewalls, a packet may be examined by different sets of firewalls. It has been observed that the resulting complex firewall network is highly error prone and causes serious security holes. Hence, automated…

Cryptography and Security · Computer Science 2012-07-17 Nihel Ben Youssef Ben Souayeh , Adel Bouhoula

We introduce Conflict-Aware Replicated Data Types (CARDs). CARDs are significantly more expressive than Conflict-free Replicated Data Types (CRDTs) as they support operations that can conflict with each other. Introducing conflicting…

Distributed, Parallel, and Cluster Computing · Computer Science 2018-09-27 Nicholas V. Lewchenko , Arjun Radhakrishna , Akash Gaonkar , Pavol Černý

The importance of security metrics can hardly be overstated. Despite the attention that has been paid by the academia, government and industry in the past decades, this important problem stubbornly remains open. In this survey, we present a…

Cryptography and Security · Computer Science 2016-01-25 Marcus Pendleton , Richard Garcia-Lebron , Shouhuai Xu