We introduce a language and system that supports definition and composition of complex run-time security policies for Java applications. Our policies are comprised of two sorts o...
Making backup is so cumbersome and expensive that individuals hardly ever backup their data and companies usually duplicate their data into a secondary server. This paper proposes...
We examine some known attacks on the PIN verification framework, based on weaknesses of the security API for the tamperresistant Hardware Security Modules used in the network. We s...
Matteo Centenaro, Riccardo Focardi, Flaminia L. Lu...
Proving software free of security bugs is hard. Languages that ensure that programs correctly enforce their security policies would help, but, to date, no security-typed language h...
We develop a compositional method for proving cryptographically sound security properties of key exchange protocols, based on a symbolic logic that is interpreted over conventiona...
Anupam Datta, Ante Derek, John C. Mitchell, Bogdan...