Web applications are the Achilles heel of our current ICT infrastructure. NIST's national vulnerability database clearly shows that the percentage of vulnerabilities located ...
Lieven Desmet, Frank Piessens, Wouter Joosen, Pier...
Vulnerabilities in distributed applications are being uncovered and exploited faster than software engineers can patch the security holes. All too often these weaknesses result fr...
We present a programming model for building web applications with security properties that can be confidently verified during a security review. In our model, applications are d...
Akshay Krishnamurthy, Adrian Mettler, David Wagner
In this paper, we present an Open Grid Services Architecture (OGSA)-based decentralized allocation enforcement system, developed with an emphasis on a consistent data model and ea...
Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulnerable to timing attacks. Th...