Add to ORKGThis dissertation generalizes traditional models of security policies, from specifications of whether programs are secure, to specifications of how secure programs are. This is a generalization from qualitative, black-and-white policies to quantitative, gray policies. Included are generalizations from traditional definitions of safety and liveness policies to definitions of gray-safety and gray-liveness policies. These generalizations preserve key properties of safety and liveness, including that the intersection of safety and liveness is a unique allow-all policy and that every policy can be written as the conjunction of a single safety and a single liveness policy. It is argued that the generalization provides several benefits, including ...
A run-time enforcement mechanism is a program in charge of ensuring that all the traces of a system ...
A precise characterization is given for the class of security policies that can be enforced using me...
We present an access-control policy specification and verifi-cation process that is well-suited to m...
This dissertation generalizes traditional models of security policies, from specifications of whethe...
Abstract. This paper generalizes traditional models of security poli-cies, from specifications of wh...
AbstractSecurity policies define who may use what information in a computer system. Protection mecha...
Security policies stipulate restrictions on the behaviors of systems to prevent themfrom behaving in...
Language-based information flow methods offer a principled way to enforcestrong security properties,...
Computer security policies often are stated informally in terms of confidential-ity, integrity, and ...
Abstract. There exist many approaches to specify and to define secu-rity policies. We present here a...
Abstract. Program certication techniques formally show that pro-grams satisfy certain safety policie...
Security Policies constitute the core of network protection infrastructures. However, their developm...
This new paradigm defines security policies on cause-effect relations and models security mechanisms...
The security of complex infrastructures depends on many technical and organizational issues that ne...
<p>Computer and network security has become of paramount importance in our everyday lives. Cyber att...
A run-time enforcement mechanism is a program in charge of ensuring that all the traces of a system ...
A precise characterization is given for the class of security policies that can be enforced using me...
We present an access-control policy specification and verifi-cation process that is well-suited to m...
This dissertation generalizes traditional models of security policies, from specifications of whethe...
Abstract. This paper generalizes traditional models of security poli-cies, from specifications of wh...
AbstractSecurity policies define who may use what information in a computer system. Protection mecha...
Security policies stipulate restrictions on the behaviors of systems to prevent themfrom behaving in...
Language-based information flow methods offer a principled way to enforcestrong security properties,...
Computer security policies often are stated informally in terms of confidential-ity, integrity, and ...
Abstract. There exist many approaches to specify and to define secu-rity policies. We present here a...
Abstract. Program certication techniques formally show that pro-grams satisfy certain safety policie...
Security Policies constitute the core of network protection infrastructures. However, their developm...
This new paradigm defines security policies on cause-effect relations and models security mechanisms...
The security of complex infrastructures depends on many technical and organizational issues that ne...
<p>Computer and network security has become of paramount importance in our everyday lives. Cyber att...
A run-time enforcement mechanism is a program in charge of ensuring that all the traces of a system ...
A precise characterization is given for the class of security policies that can be enforced using me...
We present an access-control policy specification and verifi-cation process that is well-suited to m...