The per-method access control lists of standard middleware technologies allow only simple forms of access control to be expressed and enforced. Research systems based on capabilit...
Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulnerable to timing attacks. Th...
This paper describes a type system that is capable of expressing and enforcing immutability constraints. The specific constraint expressed is that the abstract state of the object to whi...
The growing number of information security breaches in electronic and computing systems calls for new design paradigms that consider security as a primary design objective. This i...
PrincipalDomain is an administrative scoping construct for establishing security policies based on the principals invoking object services that may entail objects moving around a ...