中文
相关论文

相关论文: Security for Distributed Web-Applications via Aspe…

200 篇论文

Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code…

软件工程 · 计算机科学 2025-05-29 Ritwik Murali , Akash Ravi

The software supply chain attacks are becoming more and more focused on trusted development and delivery procedures, so the conventional post-build integrity mechanisms cannot be used anymore. The available frameworks like SLSA, SBOM and in…

密码学与安全 · 计算机科学 2025-12-30 Toqeer Ali Syed , Mohammad Riyaz Belgaum , Salman Jan , Asadullah Abdullah Khan , Saad Said Alqahtani

One single error can result in a total compromise of all security in today's large, monolithic software. Partitioning of software can help simplify code-review and verification, whereas isolated execution of software-components limits the…

密码学与安全 · 计算机科学 2017-06-16 Alexander Senier , Martin Beck , Thorsten Strufe

"Distributed Identity" refers to the transition from centralized identity systems using Decentralized Identifiers (DID) and Verifiable Credentials (VC) for secure and privacy-preserving authentications. With distributed identity, control of…

密码学与安全 · 计算机科学 2025-01-17 Sina Ahmadi

In the design of software and cyber-physical systems, security is often perceived as a qualitative need, but can only be attained quantitatively. Especially when distributed components are involved, it is hard to predict and confront all…

密码学与安全 · 计算机科学 2018-03-30 Roberto Vigo , Flemming Nielson , Hanne Riis Nielson

Recent progress in (Large) Language Models (LMs) has enabled the development of autonomous LM-based agents capable of executing complex tasks with minimal supervision. These agents have started to be integrated into systems with significant…

密码学与安全 · 计算机科学 2026-03-04 Federico Villa , F. Betül Durak , Tadayoshi Kohno , Tapdig Maharramli , Franziska Roesner

Design by Contract (DbC) and runtime enforcement of program assertions enables the construction of more robust software. It also enables the assignment of blame in error reporting. Unfortunately, there is no support for runtime contract…

软件工程 · 计算机科学 2007-05-23 David H. Lorenz , Therapon Skotiniotis

Federated identity management enables users to access multiple systems using a single login credential. However, to achieve this a complex privacy compromising authentication has to occur between the user, relying party (RP) (e.g., a…

密码学与安全 · 计算机科学 2019-06-27 Peter Mell , Jim Dray , James Shook

In modern internet-scale computing, interaction between a large number of parties that are not known a-priori is predominant, with each party functioning both as a provider and consumer of services and information. In such an environment,…

密码学与安全 · 计算机科学 2021-09-06 Christos-Minas Mathas , Costas Vassilakis , Nicholas Kolokotronis

This paper explores technology permitting arbitrary application components to be exposed for remote access from other software. Using this, the application and its constituent components can be written without concern for its distribution.…

分布式、并行与集群计算 · 计算机科学 2010-06-24 Scott Walker , Alan Dearle , Graham Kirby , Stuart Norcross

The advance of web services technologies promises to have far-reaching effects on the Internet and enterprise networks allowing for greater accessibility of data. The security challenges presented by the web services approach are…

计算机科学中的逻辑 · 计算机科学 2012-06-15 Michele Barletta , Silvio Ranise , Luca Viganò

LLM-enabled applications are rapidly reshaping the software ecosystem by using large language models as core reasoning components for complex task execution. This paradigm shift, however, introduces fundamentally new reliability challenges…

密码学与安全 · 计算机科学 2026-02-24 Yedi Zhang , Haoyu Wang , Xianglin Yang , Jin Song Dong , Jun Sun

Recent trend towards cloud computing paradigm, smart devices and 4G wireless technologies has enabled seamless data sharing among users. Cloud computing environment is distributed and untrusted, hence data owners have to encrypt their data…

密码学与安全 · 计算机科学 2016-02-04 Yogachandran Rahulamathavan

This paper describes an implemented system which is designed to support the deployment of applications offering distributed services, comprising a number of distributed components. This is achieved by creating high level placement and…

分布式、并行与集群计算 · 计算机科学 2010-06-24 Alan Dearle , Graham Kirby , Andrew McCarthy , Juan-Carlos Diaz y Carballo

Authentication is a fundamental security means for protecting system resources. Authenticator-centric authentication techniques (AuthN Techniques) address how mechanisms and credentials are used via Authenticators. There are many AuthN…

密码学与安全 · 计算机科学 2026-04-07 Alex R. Mattukat , Vincent Schmandt , Timo Langstrof , Michael Zerbe , Horst Lichter

In agile ontology-based software engineering projects support for modular reuse of ontologies from large existing remote repositories, ontology project life cycle management, and transitive dependency management are important needs. The…

软件工程 · 计算机科学 2015-07-02 Adrian Paschke , Ralph Schaefermeier

The software supply chain comprises a highly complex set of operations, processes, tools, institutions and human factors involved in creating a piece of software. A number of high-profile attacks that exploit a weakness in this complex…

密码学与安全 · 计算机科学 2024-05-30 Eman Abu Ishgair , Marcela S. Melara , Santiago Torres-Arias

Context: Mobile devices have become an essential element in our daily lives, even for connecting to the Internet. Consequently, Web services have become extremely important when offering services through the Internet. However, current Web…

软件工程 · 计算机科学 2024-01-30 Guadalupe Ortiz , Alfonso Garcia-de-Prado

This paper tackles the problems of generating concrete test cases for testing whether an application is vulnerable to attacks, and of checking whether security solutions are correctly implemented. The approach proposed in the paper aims at…

软件工程 · 计算机科学 2020-07-08 Sébastien Salva , Loukmen Regainia

An information owner, possessing diverse data sources, might want to offer information services based on these sources to cooperation partners and to this end interact with these partners by receiving and sending messages, which the owner…

密码学与安全 · 计算机科学 2017-07-27 Joachim Biskup , Cornelia Tadros , Jaouad Zarouali