English
Related papers

Related papers: Security Policy Specification Using a Graphical Ap…

200 papers

We introduce SCIO*, a formally secure compilation framework for statically verified partial programs performing input-output (IO). The source language is an F* subset in which a verified program interacts with its IO-performing context via…

We propose a new formal criterion for secure compilation, providing strong security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion goes beyond recent proposals, which protect…

Whenever we think of cyber applications, we visualize the model that gives the idea that we are sitting in front of computer at home or workplace connected to internet and performing all the work that generally we have to go and do on a…

Computers and Society · Computer Science 2013-05-08 Urmila Shrawankar , V M Thakare

Information flow policies are often dynamic; the security concerns of a program will typically change during execution to reflect security-relevant events. A key challenge is how to best specify, and give proper meaning to, such dynamic…

Cryptography and Security · Computer Science 2015-09-24 Niklas Broberg , Bart van Delft , David Sands

Network protocols are programs with inputs and outputs that follow predefined communication patterns to synchronize and exchange information. There are many protocols and each serves a different purpose, e.g., routing, transport, secure…

Cryptography and Security · Computer Science 2025-11-04 Max von Hippel

Access control policies are used to restrict access to sensitive records for authorized users only. One approach for specifying policies is using role based access control (RBAC) where authorization is given to roles instead of users. Users…

Cryptography and Security · Computer Science 2015-03-27 Khair Eddin Sabri

A model-theoretic approach can establish security theorems for cryptographic protocols. Formulas expressing authentication and non-disclosure properties of protocols have a special form. They are quantified implications for all xs . (phi…

Cryptography and Security · Computer Science 2009-11-12 Joshua Guttman

We consider the automatic verification of information flow security policies of web-based workflows, such as conference submission systems like EasyChair. Our workflow description language allows for loops, non-deterministic choice, and an…

Logic in Computer Science · Computer Science 2017-08-31 Bernd Finkbeiner , Christian Müller , Helmut Seidl , Eugen Zălinescu

Access control in the Internet of Things (IoT) is becoming increasingly complex, as policies must account for dynamic and contextual factors such as time, location, user behavior, and environmental conditions. However, existing platforms…

Computation and Language · Computer Science 2025-06-02 Ye Cheng , Minghui Xu , Yue Zhang , Kun Li , Hao Wu , Yechao Zhang , Shaoyong Guo , Wangjie Qiu , Dongxiao Yu , Xiuzhen Cheng

Specification mining offers a solution by automating security specification for hardware. Specification miners use a form of machine learning to specify behaviors of a system by studying a system in execution. However, specification mining…

Cryptography and Security · Computer Science 2021-08-23 Calvin Deutschbein

The design of authentication protocols, for online banking services in particular and any service that is of sensitive nature in general, is quite challenging. Indeed, enforcing security guarantees has overhead thus imposing additional…

Cryptography and Security · Computer Science 2011-12-13 DaeHun Nyang , Abedelaziz Mohaisen , Taekyoung Kwon , Brent Kang , Angelos Stavrou

The dependency core calculus (DCC), a simple extension of the computational lambda calculus, captures a common notion of dependency that arises in many programming language settings. This notion of dependency is closely related to the…

Programming Languages · Computer Science 2010-04-09 Avik Chaudhuri

The transformation of power grids into intelligent cyber-physical systems brings numerous benefits, but also significantly increases the surface for cyber-attacks, demanding appropriate countermeasures. However, the development, validation,…

Cryptography and Security · Computer Science 2022-09-12 Ömer Sen Dennis van der Velde , Maik Lühman , Florian Sprünken , Immanuel Hacker , Andreas Ulbig , Michael Andres , Martin Henze

Authentication, authorization, and trust verification are central parts of an access control system. The conditions for granting access in such a system are collected in access policies. Since access conditions are often complex, dedicated…

Cryptography and Security · Computer Science 2022-12-06 Stefan More , Sebastian Ramacher , Lukas Alber , Marco Herzl

Improvements in software defined networking allow for policy to be informed and modified by data-driven applications that can adjust policy to accommodate fluctuating requirements at line speed. However, there is some concern that…

Cryptography and Security · Computer Science 2026-01-27 Yi Lyu , Shichun Yu , Joe Catudal

Large Language Models (LLMs) face a fundamental safety-helpfulness trade-off due to static, one-size-fits-all safety policies that lack runtime controllabilityxf, making it difficult to tailor responses to diverse application needs. %As a…

Computation and Language · Computer Science 2026-02-09 Jianfeng Si , Lin Sun , Weihong Lin , Xiangzheng Zhang

Modern software systems rely on mining insights from business sensitive data stored in public clouds. A data breach usually incurs significant (monetary) loss for a commercial organization. Conceptually, cloud security heavily relies on…

Cryptography and Security · Computer Science 2022-06-14 Mikhail Kazdagli , Mohit Tiwari , Akshat Kumar

Policy specification for personal user data is a hard problem, as it depends on many factors that cannot be predetermined by system developers. Simultaneously, systems are increasingly relying on users to make security decisions. In this…

Cryptography and Security · Computer Science 2017-07-14 Adwait Nadkarni , William Enck , Somesh Jha , Jessica Staddon

Most software factories contain applications with sensitive information that needs to be protected against breaches of confidentiality and integrity, which can have serious consequences. In the context of large factories with complex…

Programming Languages · Computer Science 2019-09-10 Miguel Loureiro , Luísa Lourenço , Lúcio Ferrão , Carla Ferreira

Security in LLM agents is inherently contextual. For example, the same action taken by an agent may represent legitimate behavior or a security violation depending on whose instruction led to the action, what objective is being pursued, and…

Cryptography and Security · Computer Science 2026-03-23 Vincent Siu , Jingxuan He , Kyle Montgomery , Zhun Wang , Neil Gong , Chenguang Wang , Dawn Song
‹ Prev 1 3 4 5 6 7 10 Next ›