A long-standing problem in information security is how to specify and enforce expressive security policies that control information flow while also permitting information release...
Internet protocols encapsulate a significant amount of state, making implementing the host software complex. In this paper, we define the Statecall Policy Language (SPL) which pr...
Proving software free of security bugs is hard. Languages that ensure that programs correctly enforce their security policies would help, but, to date, no security-typed language h...
In traditional information-flow type systems, the security policy is often formalized as noninterference properties. However, noninterference alone is too strong to express securi...
When a computer program requires legitimate access to confidential data, the question arises whether such a program may illegally reveal sensitive information. This paper proposes...