Web applications are important, ubiquitous distributed systems whose current security relies primarily on server-side mechanisms. This paper makes the end-toend argument that the ...
IPSec (Internet Security Protocol Suite) functions will be executed correctly only if its policies are correctly specified and configured. Manual IPSec policy configuration is inef...
Zhi Fu, Shyhtsun Felix Wu, He Huang, Kung Loh, Fen...
In this paper, we consider typical applications in which the business logic is separated from the access control logic, implemented in an independent component, called the Policy ...
A system for enforcing messaging security policies for both store and forward and streaming messaging protocols on COTS operating system platforms is described. Messaging protocol...
This paper presents a theory of runtime enforcement based on mechanism models called MRAs (Mandatory Results Automata). MRAs can monitor and transform security-relevant actions and...