中文
相关论文

相关论文: Security Policy Specification Using a Graphical Ap…

200 篇论文

We introduce SCIO*, a formally secure compilation framework for statically verified partial programs performing input-output (IO). The source language is an F* subset in which a verified program interacts with its IO-performing context via…

We propose a new formal criterion for secure compilation, providing strong security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion goes beyond recent proposals, which protect…

Whenever we think of cyber applications, we visualize the model that gives the idea that we are sitting in front of computer at home or workplace connected to internet and performing all the work that generally we have to go and do on a…

计算机与社会 · 计算机科学 2013-05-08 Urmila Shrawankar , V M Thakare

Information flow policies are often dynamic; the security concerns of a program will typically change during execution to reflect security-relevant events. A key challenge is how to best specify, and give proper meaning to, such dynamic…

密码学与安全 · 计算机科学 2015-09-24 Niklas Broberg , Bart van Delft , David Sands

Network protocols are programs with inputs and outputs that follow predefined communication patterns to synchronize and exchange information. There are many protocols and each serves a different purpose, e.g., routing, transport, secure…

密码学与安全 · 计算机科学 2025-11-04 Max von Hippel

Access control policies are used to restrict access to sensitive records for authorized users only. One approach for specifying policies is using role based access control (RBAC) where authorization is given to roles instead of users. Users…

密码学与安全 · 计算机科学 2015-03-27 Khair Eddin Sabri

A model-theoretic approach can establish security theorems for cryptographic protocols. Formulas expressing authentication and non-disclosure properties of protocols have a special form. They are quantified implications for all xs . (phi…

密码学与安全 · 计算机科学 2009-11-12 Joshua Guttman

We consider the automatic verification of information flow security policies of web-based workflows, such as conference submission systems like EasyChair. Our workflow description language allows for loops, non-deterministic choice, and an…

计算机科学中的逻辑 · 计算机科学 2017-08-31 Bernd Finkbeiner , Christian Müller , Helmut Seidl , Eugen Zălinescu

Access control in the Internet of Things (IoT) is becoming increasingly complex, as policies must account for dynamic and contextual factors such as time, location, user behavior, and environmental conditions. However, existing platforms…

计算与语言 · 计算机科学 2025-06-02 Ye Cheng , Minghui Xu , Yue Zhang , Kun Li , Hao Wu , Yechao Zhang , Shaoyong Guo , Wangjie Qiu , Dongxiao Yu , Xiuzhen Cheng

Specification mining offers a solution by automating security specification for hardware. Specification miners use a form of machine learning to specify behaviors of a system by studying a system in execution. However, specification mining…

密码学与安全 · 计算机科学 2021-08-23 Calvin Deutschbein

The design of authentication protocols, for online banking services in particular and any service that is of sensitive nature in general, is quite challenging. Indeed, enforcing security guarantees has overhead thus imposing additional…

密码学与安全 · 计算机科学 2011-12-13 DaeHun Nyang , Abedelaziz Mohaisen , Taekyoung Kwon , Brent Kang , Angelos Stavrou

The dependency core calculus (DCC), a simple extension of the computational lambda calculus, captures a common notion of dependency that arises in many programming language settings. This notion of dependency is closely related to the…

编程语言 · 计算机科学 2010-04-09 Avik Chaudhuri

The transformation of power grids into intelligent cyber-physical systems brings numerous benefits, but also significantly increases the surface for cyber-attacks, demanding appropriate countermeasures. However, the development, validation,…

Authentication, authorization, and trust verification are central parts of an access control system. The conditions for granting access in such a system are collected in access policies. Since access conditions are often complex, dedicated…

密码学与安全 · 计算机科学 2022-12-06 Stefan More , Sebastian Ramacher , Lukas Alber , Marco Herzl

Improvements in software defined networking allow for policy to be informed and modified by data-driven applications that can adjust policy to accommodate fluctuating requirements at line speed. However, there is some concern that…

密码学与安全 · 计算机科学 2026-01-27 Yi Lyu , Shichun Yu , Joe Catudal

Large Language Models (LLMs) face a fundamental safety-helpfulness trade-off due to static, one-size-fits-all safety policies that lack runtime controllabilityxf, making it difficult to tailor responses to diverse application needs. %As a…

计算与语言 · 计算机科学 2026-02-09 Jianfeng Si , Lin Sun , Weihong Lin , Xiangzheng Zhang

Modern software systems rely on mining insights from business sensitive data stored in public clouds. A data breach usually incurs significant (monetary) loss for a commercial organization. Conceptually, cloud security heavily relies on…

密码学与安全 · 计算机科学 2022-06-14 Mikhail Kazdagli , Mohit Tiwari , Akshat Kumar

Policy specification for personal user data is a hard problem, as it depends on many factors that cannot be predetermined by system developers. Simultaneously, systems are increasingly relying on users to make security decisions. In this…

密码学与安全 · 计算机科学 2017-07-14 Adwait Nadkarni , William Enck , Somesh Jha , Jessica Staddon

Most software factories contain applications with sensitive information that needs to be protected against breaches of confidentiality and integrity, which can have serious consequences. In the context of large factories with complex…

编程语言 · 计算机科学 2019-09-10 Miguel Loureiro , Luísa Lourenço , Lúcio Ferrão , Carla Ferreira

Security in LLM agents is inherently contextual. For example, the same action taken by an agent may represent legitimate behavior or a security violation depending on whose instruction led to the action, what objective is being pursued, and…

密码学与安全 · 计算机科学 2026-03-23 Vincent Siu , Jingxuan He , Kyle Montgomery , Zhun Wang , Neil Gong , Chenguang Wang , Dawn Song