Sciweavers

5119 search results - page 648 / 1024
» Security Privacy
ESORICS
2011
Springer
14 years 6 months ago
A Systematic Analysis of XSS Sanitization in Web Application Frameworks
While most research on XSS defense has focused on techniques for securing existing applications and re-architecting browser mechanisms, sanitization remains the industry-standard d...
Joel Weinberger, Prateek Saxena, Devdatta Akhawe, ...
CSFW
2012
IEEE
13 years 9 months ago
Gran: Model Checking Grsecurity RBAC Policies
Role-based Access Control (RBAC) is one of the most widespread security mechanisms in use today. Given the growing complexity of policy languages and access control systems, ver...
Michele Bugliesi, Stefano Calzavara, Riccardo Foca...
CSFW
2012
IEEE
13 years 9 months ago
Generic Indifferentiability Proofs of Hash Designs
In this paper, we propose a formal analysis of domain extenders for hash functions in the indifferentiability framework. We define a general model for domain extenders and prov...
Marion Daubignard, Pierre-Alain Fouque, Yassine La...
CCS
2008
ACM
15 years 8 months ago
Robust defenses for cross-site request forgery
Cross-Site Request Forgery (CSRF) is a widely exploited web site vulnerability. In this paper, we present a new variation on CSRF attacks, login CSRF, in which the attacker forges...
Adam Barth, Collin Jackson, John C. Mitchell
ICECCS
2005
IEEE
16 years 14 days ago
Evolving Messaging Systems for Secure Role Based Messaging
This paper articulates a system design for the secure role based messaging model built based on existing messaging systems, public key infrastructures, and a privilege management ...
Gansen Zhao, David W. Chadwick