中文
相关论文

相关论文: Security Policy Specification Using a Graphical Ap…

200 篇论文

Security must be considered in almost every software system. Unfortunately, selecting and implementing security features remains challenging due to the variety of security threats and possible countermeasures. While security standards are…

Access-control requirements for physical spaces, like office buildings and airports, are best formulated from a global viewpoint in terms of system-wide requirements. For example, "there is an authorized path to exit the building from every…

密码学与安全 · 计算机科学 2016-05-09 Petar Tsankov , Mohammad Torabi Dashti , David Basin

While the engineering of operating systems is well understood, their formal structure and properties are not. The latter needs a clear definition of the purpose of an OS and an identification of the core. In this paper I offer definitions…

操作系统 · 计算机科学 2012-02-20 Abhijat Vichare

Workflows specify collections of tasks that must be executed under the responsibility or supervision of human users. Workflow management systems and workflow-driven applications need to enforce security policies in the form of access…

密码学与安全 · 计算机科学 2017-06-23 Daniel Ricardo dos Santos , Silvio Ranise

Information-flow interfaces is a formalism recently proposed for specifying, composing, and refining system-wide security requirements. In this work, we show how the widely used concept of security lattices provides a natural semantic…

形式语言与自动机理论 · 计算机科学 2024-06-21 Ezio Bartocci , Thomas A. Henzinger , Dejan Nickovic , Ana Oliveira da Costa

Cryptographic protocols aim at securing communications over insecure networks such as the Internet, where dishonest users may listen to communications and interfere with them. A secure communication has a different meaning depending on the…

密码学与安全 · 计算机科学 2016-11-10 Stéphanie Delaune , Lucca Hirschi

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself,…

密码学与安全 · 计算机科学 2016-08-09 Wojciech Jamroga , Masoud Tabatabaei

The importance of information security dramatically increased and will further grow due to the shape and nature of the modern computing industry. Software is published at a continuously increasing pace. The Internet of Things and security…

密码学与安全 · 计算机科学 2022-05-10 Mattia Paccamiccio , Leonardo Mostarda

A policy describes the conditions under which an action is permitted or forbidden. We show that a fragment of (multi-sorted) first-order logic can be used to represent and reason about policies. Because we use first-order logic, policies…

计算机科学中的逻辑 · 计算机科学 2007-05-23 Joseph Y. Halpern , Vicky Weissman

This article argues that security is not enough to fully capture what is at stake in government exceptional access to encrypted data. A conception of privacy as security has little to say about ``lawful-surveillance protocols'' -- an active…

密码学与安全 · 计算机科学 2026-03-03 Artur Pericles L. Monteiro

Users increasingly create, manage and share digital resources, including sensitive data, via cloud platforms and APIs. Platforms encode the rules governing access to these resources, referred to as \textit{security policies}, using…

密码学与安全 · 计算机科学 2023-07-13 Joe Stubbs , Smruti Padhy , Richard Cardone , Steven Black

Operational semantics has established itself as a flexible but rigorous means to describe the meaning of programming languages. Oftentimes, it is felt necessary to keep a semantics small, for example to facilitate its use for model checking…

分布式、并行与集群计算 · 计算机科学 2015-03-17 Benjamin Morandi , Sebastian Nanz , Bertrand Meyer

Security Assurance Cases (SAC) are structured bodies of arguments and evidence used to reason about security properties of a certain artefact. SAC are gaining focus in the automotive domain as the need for security assurance is growing due…

密码学与安全 · 计算机科学 2024-09-10 Mazen Mohamad

Policy Cards are introduced as a machine-readable, deployment-layer standard for expressing operational, regulatory, and ethical constraints for AI agents. The Policy Card sits with the agent and enables it to follow required constraints at…

人工智能 · 计算机科学 2025-10-29 Juraj Mavračić

Security situational awareness refers to identifying, mitigating, and preventing digital cyber threats by gathering information to understand the current situation. With awareness, the basis for decisions is present, particularly in complex…

密码学与安全 · 计算机科学 2025-03-07 Daniela Pöhn , Heiner Lüken

We outline the design of a framework for modelling cloud computing systems.The approach is based on a declarative programming model which takes the form of a lambda-calculus enriched with suitable mechanisms to express and enforce…

密码学与安全 · 计算机科学 2010-10-28 Chiara Bodei , Viet Dung Dinh , Gian Luigi Ferrari

This paper studies the synthesis of control policies for an agent that has to satisfy a temporal logic specification in a partially observable environment, in the presence of an adversary. The interaction of the agent (defender) with the…

系统与控制 · 计算机科学 2019-03-19 Bhaskar Ramasubramanian , Andrew Clark , Linda Bushnell , Radha Poovendran

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited…

密码学与安全 · 计算机科学 2007-05-23 Xiamoneg Su , Damiano Bolzoni , Pascal van Eck

Education in the practical applications of logic and proving such as the formal specification and verification of computer programs is substantially hampered by the fact that most time and effort that is invested in proving is actually…

计算机科学中的逻辑 · 计算机科学 2018-03-06 Wolfgang Schreiner , Alexander Brunhuemer , Christoph Fürst

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is…