International audienceWe propose a formal method to automatically integrate security rules regarding an access control policy (expressed in Or-BAC) in Java programs. Given an untrusted application and a set of Or-BAC security rules, our method derives corresponding AspectJ aspects. Derived aspects modify the behaviour of the underlying program so as to meet the policy. Then, these aspects are weaved into the target program (using the AspectJ compiler). The result is a trusted program on which the security policy is enforced. This approach was applied in order to secure the behaviour of a travel agency application
International audienceAccess control is a central issue among the overall security goals of informat...
In this paper, we present a policy-based approach for au- tomating the integration of security mecha...
In this paper, we present a policy-based approach for automating the integration of security mechani...
International audienceWe propose a formal method to automatically integrate security rules regarding...
International audienceIt is inevitable that some concerns crosscut a sizeable application, resulting...
peer reviewedSecurity of Java-based applications is crucial to many businesses today. In this paper,...
The lifecycle mismatch between vehicles and their IT system poses a problem for the automotive indus...
We present in this paper a novel approach to non-functional safety properties, combining formal meth...
This paper describes an extension of the Java language that provides “programmable security. ” The a...
Application-level security has become an issue in recent years; for example, errors, discrepancies a...
Abstract. We present a novel static approach to Role-Based Access Control policy enforcement. The st...
Abstract — Almost every software system must include a security module to authenticate users and to ...
International audienceThe secure deployment of an application requires the definition of the securit...
Abstract. Many of today’s software applications require a high-level of security, defined by a detai...
Doctor en Ciencias, Mención ComputaciónIt is inevitable that some concerns crosscut a sizable applic...
International audienceAccess control is a central issue among the overall security goals of informat...
In this paper, we present a policy-based approach for au- tomating the integration of security mecha...
In this paper, we present a policy-based approach for automating the integration of security mechani...
International audienceWe propose a formal method to automatically integrate security rules regarding...
International audienceIt is inevitable that some concerns crosscut a sizeable application, resulting...
peer reviewedSecurity of Java-based applications is crucial to many businesses today. In this paper,...
The lifecycle mismatch between vehicles and their IT system poses a problem for the automotive indus...
We present in this paper a novel approach to non-functional safety properties, combining formal meth...
This paper describes an extension of the Java language that provides “programmable security. ” The a...
Application-level security has become an issue in recent years; for example, errors, discrepancies a...
Abstract. We present a novel static approach to Role-Based Access Control policy enforcement. The st...
Abstract — Almost every software system must include a security module to authenticate users and to ...
International audienceThe secure deployment of an application requires the definition of the securit...
Abstract. Many of today’s software applications require a high-level of security, defined by a detai...
Doctor en Ciencias, Mención ComputaciónIt is inevitable that some concerns crosscut a sizable applic...
International audienceAccess control is a central issue among the overall security goals of informat...
In this paper, we present a policy-based approach for au- tomating the integration of security mecha...
In this paper, we present a policy-based approach for automating the integration of security mechani...