While most research on XSS defense has focused on techniques for securing existing applications and re-architecting browser mechanisms, sanitization remains the industry-standard d...
Joel Weinberger, Prateek Saxena, Devdatta Akhawe, ...
—Role-based Access Control (RBAC) is one of the most widespread security mechanisms in use today. Given the growing complexity of policy languages and access control systems, ver...
—In this paper, we propose a formal analysis of domain extenders for hash functions in the indifferentiability framework. We define a general model for domain extenders and prov...
Marion Daubignard, Pierre-Alain Fouque, Yassine La...
Cross-Site Request Forgery (CSRF) is a widely exploited web site vulnerability. In this paper, we present a new variation on CSRF attacks, login CSRF, in which the attacker forges...
This paper articulates a system design for the secure role based messaging model built based on existing messaging systems, public key infrastructures, and a privilege management ...