While general-purpose processor based systems are built to enforce memory protection to prevent the unintended sharing of data between processes, current systems built around reco...
Ted Huffmire, Timothy Sherwood, Ryan Kastner, Timo...
Internet protocols encapsulate a significant amount of state, making implementing the host software complex. In this paper, we define the Statecall Policy Language (SPL) which pr...
The IPsec protocol provides a mechanism to enforce a range of security services for both confidentiality and integrity, enabling secure transmission of information across networks...
A variant of the Mobile Ambient calculus, called Boundary Ambients, is introduced, supporting the modelling of multi-level security policies. Ambients that may guarantee to proper...
Models based on system calls are a popular and common approach to characterize the run-time behavior of programs. For example, system calls are used by intrusion detection systems...
Andrea Lanzi, Davide Balzarotti, Christopher Krueg...