Security policies are enforced through the deployment of certain security functionalities within the applications. Applications can have different levels of security and thus each security policy is enforced by different security functionalities. Thus, the secure deployment of an application is not an easy task, being more complicated due to the existing gap between the specification of a security policy and the deployment, inside the application, of the security functionalities that are required to enforce that security policy. The main goal of this paper is to close this gap. This is done by using the paradigms of Software Product Lines and Aspect-Oriented Programming in order to: (1) link the security policies with the security...
A security policy presents a critical component of the overall security architecture and an essentia...
peer reviewedSecurity of Java-based applications is crucial to many businesses today. In this paper,...
Nowadays, organizations rely more and more on information systems to collect, manipulate, and exchan...
International audienceThe secure deployment of an application requires the definition of the securit...
Ensuring the security requirements of an application is not a straightforward task. Security proper...
International audienceWe address the issue of formally validating the deployment of access control s...
Security in software applications is frequently an afterthought. Even if developers are aware of sof...
Security policies are enforced through the deployment of certain security functionalities within th...
Security Policies constitute the core of network protection infrastructures. However, their developm...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
Lors du développement des applications ubiquitaires, il est essentiel de définir des politiques de s...
International audienceFoCaLiZe is an object-oriented programming environment that combines specifica...
Policy enforcement, or making sure that software behaves in line with a set of rules, is a problem o...
AbstractThe paper presents ConSpec, an automata-based policy specification language. The language tr...
INTER-TRUST is a framework for the specification, negotiation, deployment and dynamic adaptation of...
A security policy presents a critical component of the overall security architecture and an essentia...
peer reviewedSecurity of Java-based applications is crucial to many businesses today. In this paper,...
Nowadays, organizations rely more and more on information systems to collect, manipulate, and exchan...
International audienceThe secure deployment of an application requires the definition of the securit...
Ensuring the security requirements of an application is not a straightforward task. Security proper...
International audienceWe address the issue of formally validating the deployment of access control s...
Security in software applications is frequently an afterthought. Even if developers are aware of sof...
Security policies are enforced through the deployment of certain security functionalities within th...
Security Policies constitute the core of network protection infrastructures. However, their developm...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
Lors du développement des applications ubiquitaires, il est essentiel de définir des politiques de s...
International audienceFoCaLiZe is an object-oriented programming environment that combines specifica...
Policy enforcement, or making sure that software behaves in line with a set of rules, is a problem o...
AbstractThe paper presents ConSpec, an automata-based policy specification language. The language tr...
INTER-TRUST is a framework for the specification, negotiation, deployment and dynamic adaptation of...
A security policy presents a critical component of the overall security architecture and an essentia...
peer reviewedSecurity of Java-based applications is crucial to many businesses today. In this paper,...
Nowadays, organizations rely more and more on information systems to collect, manipulate, and exchan...