Complex software-security policies are difficult to specify, understand, and update. The same is true for complex software in general, but while many tools and techniques exist for decomposing complex general software into simpler reusable modules (packages, classes, functions, aspects, etc.), few tools exist for decomposing complex security policies into simpler reusable modules. The tools that do exist for modularizing policies either encapsulate entire policies as atomic modules that cannot be decomposed or allow fine-grained policy modularization but require expertise to use correctly. This dissertation presents a policy-composition tool called PoliSeer [27, 26] and the PoCo policy-composition software-security language. PoliSeer is a GUI-ba...
We present a method for specifying high level security policies that can be enforced by runtime mon...
A static approach is proposed to study secure composition of software. We extend the λ calculus with...
In this thesis, we report our research on systematic security hardening. We see how the software dev...
Security policy specification languages are a response to today's complex and vulnerable software...
In this article we describe a componentized framework for dynamic security policies. The ...
Current policy languages come with a monolithic syntax and support only a limited set of security f...
Interactive security systems provide powerful security primitives (i.e., security-oriented system ca...
A runtime monitor is a program that runs in parallel with an untrusted application and examines act...
Security policies are enforced through the deployment of certain security functionalities within th...
In this thesis, we focus on the modular specification and analysis of policies...
There has been significant work to date on policy-specification languages that allow specification o...
FoCaLiZe is an object-oriented programming environment that combines specifica...
A security policy presents a critical component of the overall security architecture and an essentia...
Security policies stipulate restrictions on the behaviors of systems to prevent them from behaving in...
Runtime enforcement mechanisms are an important and well-employed method for ensuring an execution o...