English
Related papers

Related papers: Security Policy Specification Using a Graphical Ap…

200 papers

Security must be considered in almost every software system. Unfortunately, selecting and implementing security features remains challenging due to the variety of security threats and possible countermeasures. While security standards are…

Access-control requirements for physical spaces, like office buildings and airports, are best formulated from a global viewpoint in terms of system-wide requirements. For example, "there is an authorized path to exit the building from every…

Cryptography and Security · Computer Science 2016-05-09 Petar Tsankov , Mohammad Torabi Dashti , David Basin

While the engineering of operating systems is well understood, their formal structure and properties are not. The latter needs a clear definition of the purpose of an OS and an identification of the core. In this paper I offer definitions…

Operating Systems · Computer Science 2012-02-20 Abhijat Vichare

Workflows specify collections of tasks that must be executed under the responsibility or supervision of human users. Workflow management systems and workflow-driven applications need to enforce security policies in the form of access…

Cryptography and Security · Computer Science 2017-06-23 Daniel Ricardo dos Santos , Silvio Ranise

Information-flow interfaces is a formalism recently proposed for specifying, composing, and refining system-wide security requirements. In this work, we show how the widely used concept of security lattices provides a natural semantic…

Formal Languages and Automata Theory · Computer Science 2024-06-21 Ezio Bartocci , Thomas A. Henzinger , Dejan Nickovic , Ana Oliveira da Costa

Cryptographic protocols aim at securing communications over insecure networks such as the Internet, where dishonest users may listen to communications and interfere with them. A secure communication has a different meaning depending on the…

Cryptography and Security · Computer Science 2016-11-10 Stéphanie Delaune , Lucca Hirschi

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself,…

Cryptography and Security · Computer Science 2016-08-09 Wojciech Jamroga , Masoud Tabatabaei

The importance of information security dramatically increased and will further grow due to the shape and nature of the modern computing industry. Software is published at a continuously increasing pace. The Internet of Things and security…

Cryptography and Security · Computer Science 2022-05-10 Mattia Paccamiccio , Leonardo Mostarda

A policy describes the conditions under which an action is permitted or forbidden. We show that a fragment of (multi-sorted) first-order logic can be used to represent and reason about policies. Because we use first-order logic, policies…

Logic in Computer Science · Computer Science 2007-05-23 Joseph Y. Halpern , Vicky Weissman

This article argues that security is not enough to fully capture what is at stake in government exceptional access to encrypted data. A conception of privacy as security has little to say about ``lawful-surveillance protocols'' -- an active…

Cryptography and Security · Computer Science 2026-03-03 Artur Pericles L. Monteiro

Users increasingly create, manage and share digital resources, including sensitive data, via cloud platforms and APIs. Platforms encode the rules governing access to these resources, referred to as \textit{security policies}, using…

Cryptography and Security · Computer Science 2023-07-13 Joe Stubbs , Smruti Padhy , Richard Cardone , Steven Black

Operational semantics has established itself as a flexible but rigorous means to describe the meaning of programming languages. Oftentimes, it is felt necessary to keep a semantics small, for example to facilitate its use for model checking…

Distributed, Parallel, and Cluster Computing · Computer Science 2015-03-17 Benjamin Morandi , Sebastian Nanz , Bertrand Meyer

Security Assurance Cases (SAC) are structured bodies of arguments and evidence used to reason about security properties of a certain artefact. SAC are gaining focus in the automotive domain as the need for security assurance is growing due…

Cryptography and Security · Computer Science 2024-09-10 Mazen Mohamad

Policy Cards are introduced as a machine-readable, deployment-layer standard for expressing operational, regulatory, and ethical constraints for AI agents. The Policy Card sits with the agent and enables it to follow required constraints at…

Artificial Intelligence · Computer Science 2025-10-29 Juraj Mavračić

Security situational awareness refers to identifying, mitigating, and preventing digital cyber threats by gathering information to understand the current situation. With awareness, the basis for decisions is present, particularly in complex…

Cryptography and Security · Computer Science 2025-03-07 Daniela Pöhn , Heiner Lüken

We outline the design of a framework for modelling cloud computing systems.The approach is based on a declarative programming model which takes the form of a lambda-calculus enriched with suitable mechanisms to express and enforce…

Cryptography and Security · Computer Science 2010-10-28 Chiara Bodei , Viet Dung Dinh , Gian Luigi Ferrari

This paper studies the synthesis of control policies for an agent that has to satisfy a temporal logic specification in a partially observable environment, in the presence of an adversary. The interaction of the agent (defender) with the…

Systems and Control · Computer Science 2019-03-19 Bhaskar Ramasubramanian , Andrew Clark , Linda Bushnell , Radha Poovendran

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited…

Cryptography and Security · Computer Science 2007-05-23 Xiamoneg Su , Damiano Bolzoni , Pascal van Eck

Education in the practical applications of logic and proving such as the formal specification and verification of computer programs is substantially hampered by the fact that most time and effort that is invested in proving is actually…

Logic in Computer Science · Computer Science 2018-03-06 Wolfgang Schreiner , Alexander Brunhuemer , Christoph Fürst

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is…

Software Engineering · Computer Science 2020-12-11 Isaac Chin Eian , Lim Ka Yong , Majesty Yeap Xiao Li , Noor Affan Bin Noor Hasmaddi , Fatima-tuz-Zahra